When calling into the metadata plugin credentials API, the grpc_auth_metadata_context seems to be shallow-copied. In an async call, when the contents of the context is accessed, the c-core may have cancelled the get_request_metadata operation and have called the callback which destroys the context. This may cause a use after free problem.
The C++ fix added a core API to do a deep copy and the full fix is in #19139.
This is a tracking bug for ruby. Please verify this is a problem and fix it if needed. The call site is at
|
params->context = context; |
When calling into the metadata plugin credentials API, the grpc_auth_metadata_context seems to be shallow-copied. In an async call, when the contents of the context is accessed, the c-core may have cancelled the get_request_metadata operation and have called the callback which destroys the context. This may cause a use after free problem.
The C++ fix added a core API to do a deep copy and the full fix is in #19139.
This is a tracking bug for ruby. Please verify this is a problem and fix it if needed. The call site is at
grpc/src/ruby/ext/grpc/rb_call_credentials.c
Line 123 in 32a37e2