Bug 1379135

Summary: mdadm buffer overflow detected when create name with 32 characters
Product: Red Hat Enterprise Linux 7 Reporter: Zhang Yi <yizhan>
Component: mdadmAssignee: XiaoNi <xni>
Status: CLOSED ERRATA QA Contact: guazhang <guazhang>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: dledford, xiaotzha, xni
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: mdadm-4.0-1.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-01 12:49:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1353018    

Comment 2 Jes Sorensen 2016-09-28 21:07:46 UTC 
Moving to 7.4 - this really is fringe case that doesn't need urgent attention.
Comment 5 guazhang@redhat.com 2017-04-17 06:25:10 UTC 
Hello 
the bug have been fixed on mdadm-4.0-1.el7, so I will move it to verified.

[root@cisco-b22m3-01 ~]# mdadm -V
mdadm - v3.4 - 28th January 2016
[root@cisco-b22m3-01 ~]# mdadm -CR /dev/md/01234567890123456789012345678901 -l1 -n2 /dev/loop1[12]
mdadm: Note: this array has metadata at the start and
    may not be suitable as a boot device.  If you plan to
    store '/boot' on this device please ensure that
    your boot-loader understands md/v1.x metadata, or use
    --metadata=0.90
*** buffer overflow detected ***: mdadm terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7faf58a10d87]
/lib64/libc.so.6(+0x10df40)[0x7faf58a0ef40]
mdadm(+0x3bf76)[0x55a0017c7f76]
mdadm(+0x207fc)[0x55a0017ac7fc]
mdadm(+0x9a44)[0x55a001795a44]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7faf58922c05]
mdadm(+0xa9a9)[0x55a0017969a9]
======= Memory map: ========
55a00178c000-55a00180e000 r-xp 00000000 fd:00 34605618                   /usr/sbin/mdadm
55a001a0e000-55a001a0f000 r--p 00082000 fd:00 34605618                   /usr/sbin/mdadm
55a001a0f000-55a001a16000 rw-p 00083000 fd:00 34605618                   /usr/sbin/mdadm
55a001a16000-55a001a29000 rw-p 00000000 00:00 0 
55a001fad000-55a001fce000 rw-p 00000000 00:00 0                          [heap]
7faf586eb000-7faf58700000 r-xp 00000000 fd:00 33554545                   /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7faf58700000-7faf588ff000 ---p 00015000 fd:00 33554545                   /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7faf588ff000-7faf58900000 r--p 00014000 fd:00 33554545                   /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7faf58900000-7faf58901000 rw-p 00015000 fd:00 33554545                   /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7faf58901000-7faf58ab9000 r-xp 00000000 fd:00 33610812                   /usr/lib64/libc-2.17.so
7faf58ab9000-7faf58cb9000 ---p 001b8000 fd:00 33610812                   /usr/lib64/libc-2.17.so
7faf58cb9000-7faf58cbd000 r--p 001b8000 fd:00 33610812                   /usr/lib64/libc-2.17.so
7faf58cbd000-7faf58cbf000 rw-p 001bc000 fd:00 33610812                   /usr/lib64/libc-2.17.so
7faf58cbf000-7faf58cc4000 rw-p 00000000 00:00 0 
7faf58cc4000-7faf58cc6000 r-xp 00000000 fd:00 33610818                   /usr/lib64/libdl-2.17.so
7faf58cc6000-7faf58ec6000 ---p 00002000 fd:00 33610818                   /usr/lib64/libdl-2.17.so
7faf58ec6000-7faf58ec7000 r--p 00002000 fd:00 33610818                   /usr/lib64/libdl-2.17.so
7faf58ec7000-7faf58ec8000 rw-p 00003000 fd:00 33610818                   /usr/lib64/libdl-2.17.so
7faf58ec8000-7faf58ee8000 r-xp 00000000 fd:00 33610805                   /usr/lib64/ld-2.17.so
7faf590d9000-7faf590dc000 rw-p 00000000 00:00 0 
7faf590e6000-7faf590e8000 rw-p 00000000 00:00 0 
7faf590e8000-7faf590e9000 r--p 00020000 fd:00 33610805                   /usr/lib64/ld-2.17.so
7faf590e9000-7faf590ea000 rw-p 00021000 fd:00 33610805                   /usr/lib64/ld-2.17.so
7faf590ea000-7faf590eb000 rw-p 00000000 00:00 0 
7ffd0de0e000-7ffd0de2f000 rw-p 00000000 00:00 0                          [stack]
7ffd0dea8000-7ffd0deaa000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted (core dumped)

[root@cisco-b22m3-01 ~]# mdadm -V
mdadm - v4.0 - 2017-01-09
[root@cisco-b22m3-01 ~]#  mdadm -CR /dev/md/01234567890123456789012345678901 -l1 -n2  /dev/loop1[21]
mdadm: Note: this array has metadata at the start and
    may not be suitable as a boot device.  If you plan to
    store '/boot' on this device please ensure that
    your boot-loader understands md/v1.x metadata, or use
    --metadata=0.90
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md/01234567890123456789012345678901 started.


thanks
Guazhang
Comment 6 errata-xmlrpc 2017-08-01 12:49:07 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2264