Bug 1635373
Summary: | ASan (address sanitizer) fixes - Blanket bug | ||
---|---|---|---|
Product: | [Community] GlusterFS | Reporter: | Shyamsundar <srangana> |
Component: | core | Assignee: | bugs <bugs> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | urgent | ||
Version: | 5 | CC: | amukherj, atumball, bugs, srangana |
Target Milestone: | --- | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | glusterfs-5.0 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1633930 | Environment: | |
Last Closed: | 2018-10-23 15:19:19 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1633930 | ||
Bug Blocks: |
Description
Shyamsundar
2018-10-02 18:40:27 UTC
REVIEW: https://review.gluster.org/21322 (mdcache: Fix asan reported potential heap buffer overflow) posted (#1) for review on release-5 by Shyamsundar Ranganathan COMMIT: https://review.gluster.org/21322 committed in release-5 by "Shyamsundar Ranganathan" <srangana> with a commit message- mdcache: Fix asan reported potential heap buffer overflow The char pointer mdc_xattr_str in function mdc_xattr_list_populate is malloc'd and doing a strcat into a malloc'd region can overflow content allocated based on prior contents of the memory region. Added a NULL terimation to the malloc'd region to prevent the overflow, and treat it as an empty string. Change-Id: If0decab669551581230a8ede4c44c319ff04bac9 Updates: bz#1635373 Signed-off-by: ShyamsundarR <srangana> (cherry picked from commit d00a2a1b398346bbdc5ac9b3ba4b09fb1ce1e699) This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-5.0, please open a new bug report. glusterfs-5.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] https://lists.gluster.org/pipermail/announce/2018-October/000115.html [2] https://www.gluster.org/pipermail/gluster-users/ |