1611115 – avoid possible glusterd crash in glusterd_verify_slave

Bug 1611115 - avoid possible glusterd crash in glusterd_verify_slave

Summary: avoid possible glusterd crash in glusterd_verify_slave

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	GlusterFS
Classification:	Community
Component:	geo-replication
Sub Component:
Version:	4.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Kotresh HR
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1602121
Blocks:
TreeView+	depends on / blocked

Reported:	2018-08-02 05:44 UTC by Kotresh HR
Modified:	2018-08-29 12:45 UTC (History)
CC List:	2 users (show)
Fixed In Version:	glusterfs-4.1.3
Clone Of:	1602121
Environment:
Last Closed:	2018-08-29 12:45:07 UTC
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Kotresh HR 2018-08-02 05:44:36 UTC

+++ This bug was initially created as a clone of Bug #1602121 +++

Description of problem:
In 'glusterd_verify_slave' while  tokenizing error message we call 'strtok_r' and store return value in 'tmp' which can be NULL. We are passing this 'tmp' as 1st argument to 'strcmp' which will lead to segmentation fault.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

--- Additional comment from Worker Ant on 2018-07-17 16:37:16 EDT ---

REVIEW: https://review.gluster.org/20526 (geo-rep : fix possible crash) posted (#1) for review on master by Sunny Kumar

--- Additional comment from Worker Ant on 2018-07-22 23:57:29 EDT ---

COMMIT: https://review.gluster.org/20526 committed in master by "Amar Tumballi" <amarts> with a commit message- geo-rep : fix possible crash

Problem : In 'glusterd_verify_slave' while tokenizing error message
          we call 'strtok_r' and store return value in 'tmp' which
          can be NULL. We are passing this 'tmp' as 1st argument to
          'strcmp' which will lead to segmentation fault.
Solution : before calling 'strcmp' we should NULL check 'tmp'.

Change-Id: Ifd3864b904afe6cd09d9e5a4b55c6d0578e22b9d
fixes: bz#1602121
Signed-off-by: Sunny Kumar <sunkumar>

Comment 1 Worker Ant 2018-08-02 06:01:33 UTC

REVIEW: https://review.gluster.org/20614 (geo-rep : fix possible crash) posted (#1) for review on release-4.1 by Kotresh HR

Comment 2 Worker Ant 2018-08-16 14:31:43 UTC

COMMIT: https://review.gluster.org/20614 committed in release-4.1 by "Shyamsundar Ranganathan" <srangana> with a commit message- geo-rep : fix possible crash

Problem : In 'glusterd_verify_slave' while tokenizing error message
          we call 'strtok_r' and store return value in 'tmp' which
          can be NULL. We are passing this 'tmp' as 1st argument to
          'strcmp' which will lead to segmentation fault.
Solution : before calling 'strcmp' we should NULL check 'tmp'.

Backport of:
 > Change-Id: Ifd3864b904afe6cd09d9e5a4b55c6d0578e22b9d
 > BUG: 1602121
 > Signed-off-by: Sunny Kumar <sunkumar>

Change-Id: Ifd3864b904afe6cd09d9e5a4b55c6d0578e22b9d
fixes: bz#1611115
Signed-off-by: Sunny Kumar <sunkumar>

Comment 3 Shyamsundar 2018-08-29 12:45:07 UTC

This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-4.1.3, please open a new bug report.

glusterfs-4.1.3 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] https://lists.gluster.org/pipermail/announce/2018-August/000111.html
[2] https://www.gluster.org/pipermail/gluster-users/

Note You need to log in before you can comment on or make changes to this bug.