Bug 1278900 - check_host_list() should be more robust
check_host_list() should be more robust
Status: CLOSED ERRATA
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: common-ha (Show other bugs)
3.1
Unspecified Unspecified
unspecified Severity unspecified
: ---
: RHGS 3.2.0
Assigned To: Soumya Koduri
Arthy Loganathan
:
Depends On:
Blocks: 1283211 1351515
  Show dependency treegraph
 
Reported: 2015-11-06 12:06 EST by Cedric Buissart
Modified: 2017-03-23 01:24 EDT (History)
10 users (show)

See Also:
Fixed In Version: glusterfs-3.8.4-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1283211 (view as bug list)
Environment:
Last Closed: 2017-03-23 01:24:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 2044613 None None None Never

  None (edit)
Description Cedric Buissart 2015-11-06 12:06:32 EST
Description of problem:

The check_host_list()  [source: xlators/mgmt/glusterd/src/glusterd-ganesha.c] function is currently quite weak and segfault prone.

That function parses the /etc/ganesha/ganesha-ha.conf file

----8<----
       while (fgets (line, sizeof(line), fp) != NULL) {
        /* Read GANESHA_HA_CONFIG till we find the list of HA_CLUSTER_NODES */
                hostname = strstr ((char *)line, "HA_CLUSTER_NODES");
                if (hostname != NULL) {
                        hostname = strstr (hostname, DELIM);
                        hostname = hostname + strlen(DELIM);
                        i = strlen (hostname);
                        hostname[i - 2] = '\0';
                        break;
                }
---->8----

1) The second strstr might return NULL if DELIM (i.e. : defined as '="') does not appear in the line.
e.g. : an admin might believe that quotes are not mandatory, or that single quote is good as well.

2) There is currently no comment checking ('#'), which means that the following config file will get the wrong value :
---
#HA_CLUSTER_NODES="oldname1,oldname2,oldname3"
HA_CLUSTER_NODES="newname1,newname2,newname3"
---

because the first line will match, despite being commented out.

3) There is no comment checking after the value either, nor do we check that the last character is a quote before removing it. Thus this will fail :
HA_CLUSTER_NODES="server1,server2"  # some comment

4) there's a potential problem with long lines : line[] is statically set to 1024 chars, and is prone to future problem (see http://review.gluster.org/#/c/12346/ for similar issues)

Version-Release number of selected component (if applicable): 3.1, and upstream is affected as well

How reproducible: 100%


Steps to Reproduce:
1. have a buggy /etc/ganesha/ganesha-ha.conf
2. enable nfs-ganesha

Actual results:
segfaults, without any error message

Expected results:
1) stronger check_host_list() function that accepts comments
2) parsing check, so that we have an elegant error, like "error: could not parse HA_CLUSTER_NODES"
Comment 3 Cedric Buissart 2015-11-11 07:39:17 EST
I have a patch, which will undergo some testings prior to being proposed.

I also modified is_ganesha_host() which is affected in the same way.
Comment 4 Cedric Buissart 2015-11-16 10:50:05 EST
Posted the patch to review.gluster.org : refs/for/master/bug-1278900
Comment 6 Mike McCune 2016-03-28 18:23:55 EDT
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Comment 9 Atin Mukherjee 2016-09-17 08:26:07 EDT
Upstream mainline : http://review.gluster.org/12588
Upstream 3.8 : rebased to master

And the fix is available in rhgs-3.2.0 as part of rebase to GlusterFS 3.8.4.
Comment 12 Arthy Loganathan 2016-12-05 05:20:40 EST
Executed the test having commented lines in ganesha-ha.conf and the installation succeeds as expected.

Verified the build in,
glusterfs-ganesha-3.8.4-5.el7rhgs.x86_64
nfs-ganesha-gluster-2.4.1-1.el7rhgs.x86_64
Comment 14 errata-xmlrpc 2017-03-23 01:24:39 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0486.html

Note You need to log in before you can comment on or make changes to this bug.