Bug 1235904 - fgetxattr() crashes when key name is NULL
Summary: fgetxattr() crashes when key name is NULL
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: GlusterFS
Classification: Community
Component: posix
Version: 3.7.2
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: ---
Assignee: Prashanth Pai
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: glusterfs-3.7.3
 
Reported: 2015-06-26 04:41 UTC by Prashanth Pai
Modified: 2015-07-30 09:50 UTC

Fixed In Version: glusterfs-3.7.3
Clone Of:
Environment:
Last Closed: 2015-07-30 09:50:34 UTC
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Embargoed:



Description Prashanth Pai 2015-06-26 04:41:35 UTC
Description of problem:

fgetxattr() crashes when key name is NULL

Version-Release number of selected component (if applicable):
3.7.x branch

This is used to get the size of xattr list (to later allocate buffer):
glfs_flistxattr(glfd, NULL, 0);
glfs_flistxattr() internally has the following call:
syncop_fgetxattr (subvol, fd, &xattr, NULL, NULL, NULL);
strncmp() segfaults as name is NULL in posix_fgetxattr()

Actual results:
SEGFAULT

Expected results:
No crash

Additional info:
This coverity fix that's in master was missed (not backported) from 3.7.x branch.
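
The guard that keeps a NULL key away from strncmp(), as an added example that is not part of the original report and not GlusterFS code. The names demo_fgetxattr, demo_store and DEMO_RESERVED are hypothetical, and the table contents are constructed sample data.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed sample data: a tiny in-memory xattr table (not GlusterFS code). */
struct demo_xattr { const char *key; const char *val; };
static const struct demo_xattr demo_store[] = {
    { "user.color", "blue" },
    { "trusted.demo.internal", "1" },   /* hypothetical reserved key */
};
#define DEMO_COUNT (sizeof(demo_store) / sizeof(demo_store[0]))
#define DEMO_RESERVED "trusted.demo."

/* Hypothetical getter. name == NULL means "list all keys", which is what the
 * size probe in the report relies on. Returns bytes needed/written, or -1. */
ssize_t demo_fgetxattr(const char *name, char *buf, size_t size)
{
    size_t need = 0, i;

    /* The crash pattern is strncmp(name, PREFIX, n) with no NULL check.
     * Guard first so the list-all path never reaches the string compare. */
    if (name != NULL &&
        strncmp(name, DEMO_RESERVED, strlen(DEMO_RESERVED)) == 0)
        return -1;                      /* reserved keys are not readable */

    for (i = 0; i < DEMO_COUNT; i++) {
        const char *out = name ? demo_store[i].val : demo_store[i].key;
        size_t len = strlen(out) + 1;   /* keep the NUL as separator */

        if (name != NULL && strcmp(name, demo_store[i].key) != 0)
            continue;                   /* single-key lookup: skip others */
        if (buf != NULL && size > 0) {
            if (need + len > size)
                return -1;              /* caller's buffer too small */
            memcpy(buf + need, out, len);
        }
        need += len;
    }
    return (name != NULL && need == 0) ? -1 : (ssize_t)need;
}

int main(void)
{
    ssize_t n = demo_fgetxattr(NULL, NULL, 0);   /* size probe, NULL key */
    printf("list needs %zd bytes\n", n);
    return n < 0;
}
```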

Comment 1 Prashanth Pai 2015-06-26 05:33:56 UTC
http://review.gluster.org/#/c/11213/

Comment 2 Anand Avati 2015-06-26 10:43:44 UTC
COMMIT: http://review.gluster.org/11213 committed in release-3.7 by Raghavendra Bhat (raghavendra) 
------
commit 1da4ba883721e1613c4a0685e0fdd177a55eb07e
Author: Prashanth Pai <ppai>
Date:   Sun Jun 14 16:40:58 2015 +0530

    posix: Fix fgetxattr() crash when key name is NULL
    
    This is used to get the size of xattr list (to later allocate buffer):
    glfs_flistxattr(glfd, NULL, 0);
    
    glfs_flistxattr() internally has the following call:
    syncop_fgetxattr (subvol, fd, &xattr, NULL, NULL, NULL);
    
    strncmp() segfaults as name is NULL in posix_fgetxattr()
    
    Turns out this was a coverity fix in master branch that was not
    backported to 3.7.x tree.
    http://review.gluster.org/#/c/10252/
    
    BUG: 1235904
    Change-Id: I2ec4715f1ea2f0e9c5314b2dc358bc01ad7b7d45
    Signed-off-by: Prashanth Pai <ppai>
    Reviewed-on: http://review.gluster.org/11213
    Reviewed-by: Raghavendra Talur <rtalur>
    Tested-by: Gluster Build System <jenkins.com>
    Reviewed-by: Raghavendra Bhat <raghavendra>

Comment 3 Kaushal 2015-07-30 09:50:34 UTC
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.3, please open a new bug report.

glusterfs-3.7.3 has been announced on the Gluster mailing lists [1]; packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailing list [2] and the update infrastructure for your distribution.

[1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/12078
[2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user

