Bug 625601
Summary: | openais should handle non null terminated chkpoint strings | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Corey Marthaler <cmarthal> | ||||||||
Component: | openais | Assignee: | Ryan O'Hara <rohara> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Cluster QE <mspqa-list> | ||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | 6.0 | CC: | agk, antillon.maurizio, cluster-maint, fdinitto, lhh, michael.hagmann, sdake, ssaha | ||||||||
Target Milestone: | rc | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | openais-1.1.1-6.el6 | Doc Type: | Bug Fix | ||||||||
Doc Text: |
When a checkpoint name was not terminated with the NULL character, the aisexec process may have terminated unexpectedly with a segmentation fault, causing a cluster outage. With this update, the underlying source code has been modified to resolve this issue, and such strings no longer cause aisexec to crash.
|
Story Points: | --- | ||||||||
Clone Of: | |||||||||||
: | 625947 (view as bug list) | Environment: | |||||||||
Last Closed: | 2010-11-10 22:13:01 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 625947 | ||||||||||
Attachments: |
|
Description
Corey Marthaler
2010-08-19 22:08:44 UTC
The issue is sync_bits section id length as given to the ckpt service is = 9. This does not account for the null termination that the pretty printing in ckpt does. We can't add a null termination inside ckpt because it will break wire compat. The two possible solutions are to fix the numerous pretty printing that takes place inside the ckpt service or alternatively increase the "sync_bits" and possibly other length parameters used by cmirror passed into ckpt. Created attachment 440026 [details]
Fix printing of non-NULL terminated strings
Don't add support for NULL terminated strings to the structures - or as others to pass in NULL terminated strings - just print the strings as allowed by printf ("%.*s" format).
General solution of patch looks reasonable, although attachment 440026 [details] has several FIXMEs which remain unaddressed. Ryan will have to resolve those issues in an updated patch.
Created attachment 440058 [details]
Minor change to previous patch.
Removed an extra ')' in the previous patch, line 1531.
I have FIXMEs resolved. Updated patch will be posted soon. Need to recreate bug and test fix before handing-off to QE. Created attachment 440415 [details]
Resolve FIXME issues, changes printf statement to use length.
This should resolve all issues with log_printf and unterminated string. The issues tagged with FIXME in the original patch have been resolved. Please review this patch.
Fix pushed upstream and pulled into RHEL6 build. Marking this as POST. Patch reviewed by sdake - is good to go. Fixed in openais-1.1.1-6 build. Marking this MODIFIED. No longer seeing clvmd start-up issues. Marking verified with the latest build. openais-1.1.1-6.el6.x86_64 openaislib-1.1.1-6.el6.x86_64 Red Hat Enterprise Linux 6.0 is now available and should resolve the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you. Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: When a checkpoint name was not terminated with the NULL character, the aisexec process may have terminated unexpectedly with a segmentation fault, causing a cluster outage. With this update, the underlying source code has been modified to resolve this issue, and such strings no longer cause aisexec to crash. |