| Summary: | wrong size allocated for posix_fd in posix.c:posix_opendir() | ||
|---|---|---|---|
| Product: | [Community] GlusterFS | Reporter: | Amar Tumballi <amarts> |
| Component: | posix | Assignee: | Amar Tumballi <amarts> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | mainline | CC: | donyren, fharshav, gluster-bugs, saurabh, vraman |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | RTNR | Mount Type: | --- |
| Documentation: | DNR | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
(In reply to comment #0) > @@ -978,7 +977,7 @@ posix_opendir (call_frame_t *frame, xlator_t *this, > goto out; > } > > - pfd = GF_CALLOC (1, sizeof (*fd), gf_posix_mt_posix_fd); > + pfd = GF_CALLOC (1, sizeof (*pfd), gf_posix_mt_posix_fd); > > > The above patch fixes the issue. This is not very critical at the moment as > sizeof of 'fd_t' is more than sizeof 'struct posix_fd', but it crashes with > corruption when more members are added to posix_fd structure. what is the error user feels? what is the user error seen?. Can this lead to opendir sending "EPERM" back to application?
>
> what is the error user feels? what is the user error seen?.
>
> Can this lead to opendir sending "EPERM" back to application?
Nope, this is a code-internal bug; at the max, it will lead to corruption/crash internally.
In normal cases (i.e., in all the codebase we have in glusterfs.git) it works fine, as gf_calloc() succeeds, just that it gives more size for the fd_ctx pointer.
The error pops up only when the 'posix_fd' structure's size becomes more than that of the 'fd_t' structure's size. (It happened when I was doing some work on the snapshot feature.)
No one needs to be bothered by this, other than developers, who ideally should do a more careful review of their code before submitting.
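The size relationship discussed in this report, as an added example that is not GlusterFS code and not part of the original comments. The three structs are constructed stand-ins with assumed layouts (`demo_fd` plays `fd_t`, `demo_pfd` plays `struct posix_fd`), and `ALLOC_OBJ` is a hypothetical helper that ties the allocation size to the pointer being assigned.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins; field layouts are NOT the GlusterFS definitions. */
struct demo_fd        { long refcount; void *inode; void *ctx[4]; };           /* plays fd_t */
struct demo_pfd       { int fd; int flags; void *dir; };                       /* plays struct posix_fd today */
struct demo_pfd_grown { int fd; int flags; void *dir; char snap_state[128]; }; /* after members are added */

/* Bytes that fall outside the block if an object of object_size is fully
 * initialised inside an allocation of `allocated` bytes (0 means it fits). */
static size_t overrun_bytes(size_t allocated, size_t object_size)
{
    return object_size > allocated ? object_size - allocated : 0;
}

/* Buggy pattern today: size taken from the other pointer in scope (sizeof *fd).
 * The block is larger than needed, so the mistake stays hidden. */
static size_t overrun_today(void)
{
    return overrun_bytes(sizeof(struct demo_fd), sizeof(struct demo_pfd));
}

/* Same call site after the structure grows: the block is now too small. */
static size_t overrun_after_growth(void)
{
    return overrun_bytes(sizeof(struct demo_fd), sizeof(struct demo_pfd_grown));
}

/* Hardened pattern: the macro derives the size from the pointer being
 * assigned, so the sizeof operand cannot name a different variable. */
#define ALLOC_OBJ(ptr) ((ptr) = calloc(1, sizeof(*(ptr))))

/* Returns 1 if a grown object can be allocated and its last byte written. */
static int alloc_grown_safely(void)
{
    struct demo_pfd_grown *pfd = NULL;
    if (ALLOC_OBJ(pfd) == NULL)
        return 0;
    pfd->snap_state[sizeof(pfd->snap_state) - 1] = 1; /* in bounds by construction */
    free(pfd);
    return 1;
}

int main(void)
{
    printf("overrun today: %zu bytes\n", overrun_today());
    printf("overrun after growth: %zu bytes\n", overrun_after_growth());
    printf("ALLOC_OBJ ok: %d\n", alloc_grown_safely());
    return 0;
}
```

Building the real code with AddressSanitizer or running it under Valgrind would flag the out-of-bounds write at the moment the structure outgrows the block, rather than as later heap corruption.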
PATCH: http://patches.gluster.com/patch/5966 in master (storage/posix: in opendir, allocate proper size for fd ctx pointer)
*** Bug 2453 has been marked as a duplicate of this bug. ***
This is related to a change in pointer usage, and earlier also it was not causing any issues to the functionality.
@@ -978,7 +977,7 @@ posix_opendir (call_frame_t *frame, xlator_t *this, goto out; } - pfd = GF_CALLOC (1, sizeof (*fd), gf_posix_mt_posix_fd); + pfd = GF_CALLOC (1, sizeof (*pfd), gf_posix_mt_posix_fd); The above patch fixes the issue. This is not very critical at the moment as sizeof of 'fd_t' is more than sizeof 'struct posix_fd', but it crashes with corruption when more members are added to posix_fd structure.
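Review bot: On the changed GF_CALLOC line in posix_opendir, the fix covers only this one call site, and nothing in the visible hunk indicates that other allocations tagged gf_posix_mt_posix_fd were checked for the same mismatch between the sizeof operand and the pointer being assigned. Suggest confirming that each such call takes its size from the destination, as in pfd = GF_CALLOC (1, sizeof (*pfd), gf_posix_mt_posix_fd);, and stating in the commit message that the old size only worked because fd_t is currently larger than struct posix_fd, so the over-allocation was hiding the bug.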