Bug 1278900 - check_host_list() should be more robust
Summary: check_host_list() should be more robust
Alias: None
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: common-ha
Version: rhgs-3.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: RHGS 3.2.0
Assignee: Soumya Koduri
QA Contact: Arthy Loganathan
Depends On:
Blocks: 1283211 1351515
TreeView+ depends on / blocked
Reported: 2015-11-06 17:06 UTC by Cedric Buissart 🐶
Modified: 2017-03-23 05:24 UTC (History)
10 users (show)

Fixed In Version: glusterfs-3.8.4-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1283211 (view as bug list)
Last Closed: 2017-03-23 05:24:39 UTC

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0486 normal SHIPPED_LIVE Moderate: Red Hat Gluster Storage 3.2.0 security, bug fix, and enhancement update 2017-03-23 09:18:45 UTC
Red Hat Knowledge Base (Solution) 2044613 None None None Never

Description Cedric Buissart 🐶 2015-11-06 17:06:32 UTC
Description of problem:

The check_host_list()  [source: xlators/mgmt/glusterd/src/glusterd-ganesha.c] function is currently quite weak and segfault prone.

That function parses the /etc/ganesha/ganesha-ha.conf file

       while (fgets (line, sizeof(line), fp) != NULL) {
        /* Read GANESHA_HA_CONFIG till we find the list of HA_CLUSTER_NODES */
                hostname = strstr ((char *)line, "HA_CLUSTER_NODES");
                if (hostname != NULL) {
                        hostname = strstr (hostname, DELIM);
                        hostname = hostname + strlen(DELIM);
                        i = strlen (hostname);
                        hostname[i - 2] = '\0';

1) The second strstr might return NULL if DELIM (i.e. : defined as '="') does not appear in the line.
e.g. : an admin might believe that quotes are not mandatory, or that single quote is good as well.

2) There is currently no comment checking ('#'), which means that the following config file will get the wrong value :

because the first line will match, despite being commented out.

3) There is no comment checking after the value either, nor do we check that the last character is a quote before removing it. Thus this will fail :
HA_CLUSTER_NODES="server1,server2"  # some comment

4) there's a potential problem with long lines : line[] is statically set to 1024 chars, and is prone to future problem (see http://review.gluster.org/#/c/12346/ for similar issues)

Version-Release number of selected component (if applicable): 3.1, and upstream is affected as well

How reproducible: 100%

Steps to Reproduce:
1. have a buggy /etc/ganesha/ganesha-ha.conf
2. enable nfs-ganesha

Actual results:
segfaults, without any error message

Expected results:
1) stronger check_host_list() function that accepts comments
2) parsing check, so that we have an elegant error, like "error: could not parse HA_CLUSTER_NODES"

Comment 3 Cedric Buissart 🐶 2015-11-11 12:39:17 UTC
I have a patch, which will undergo some testings prior to being proposed.

I also modified is_ganesha_host() which is affected in the same way.

Comment 4 Cedric Buissart 🐶 2015-11-16 15:50:05 UTC
Posted the patch to review.gluster.org : refs/for/master/bug-1278900

Comment 6 Mike McCune 2016-03-28 22:23:55 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 9 Atin Mukherjee 2016-09-17 12:26:07 UTC
Upstream mainline : http://review.gluster.org/12588
Upstream 3.8 : rebased to master

And the fix is available in rhgs-3.2.0 as part of rebase to GlusterFS 3.8.4.

Comment 12 Arthy Loganathan 2016-12-05 10:20:40 UTC
Executed the test having commented lines in ganesha-ha.conf and the installation succeeds as expected.

Verified the build in,

Comment 14 errata-xmlrpc 2017-03-23 05:24:39 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.