1775495 – [GNFS] showmout -a <IP> cause gnfs crash

Bug 1775495 - [GNFS] showmout -a <IP> cause gnfs crash

Summary: [GNFS] showmout -a <IP> cause gnfs crash

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	GlusterFS
Classification:	Community
Component:	nfs
Sub Component:
Version:	7
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	bugs@gluster.org
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-11-22 05:58 UTC by Amar Tumballi
Modified:	2019-11-25 16:41 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2019-11-25 16:41:38 UTC
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Gluster.org Gerrit	23737	0	None	Merged	gnfs: use strcpy to prevent memory overflow	2019-11-25 16:41:37 UTC

Description Amar Tumballi 2019-11-22 05:58:17 UTC

This bug was initially created as a copy of Bug #1727248

I am copying this bug because: it would be good to have the bugfix in release-7 branch.



Description of problem:

showmout -a <IP> cause gnfs crash:

#0  0x00007febb92af207 in raise () from /lib64/libc.so.6
#1  0x00007febb92b08f8 in abort () from /lib64/libc.so.6
#2  0x00007febb92f1cc7 in __libc_message () from /lib64/libc.so.6
#3  0x00007febb92fbc16 in _int_malloc () from /lib64/libc.so.6
#4  0x00007febb92fe7dc in malloc () from /lib64/libc.so.6
#5  0x00007febb9390f87 in __vasprintf_chk () from /lib64/libc.so.6
#6  0x00007febbad161fc in vasprintf (__ap=0x7feba824e2b0, __fmt=0x7feba76309a0 "mount entry: dir: %s, host: %s", __ptr=0x7feba824e298) at /usr/include/bits/stdio2.h:210
#7  _gf_msg (domain=domain@entry=0x7feba762fc4a "nfs-mount", file=file@entry=0x7feba762fc41 "mount3.c", function=function@entry=0x7feba7631120 <__FUNCTION__.23648> "__build_mountlist", line=line@entry=2343,
    level=level@entry=GF_LOG_DEBUG, errnum=errnum@entry=0, trace=trace@entry=0, msgid=msgid@entry=0, fmt=fmt@entry=0x7feba76309a0 "mount entry: dir: %s, host: %s") at logging.c:1972
#8  0x00007feba75fd963 in __build_mountlist (ms=ms@entry=0x7feba802b530, count=count@entry=0x7feba824e488) at mount3.c:2342
#9  0x00007feba75fdb84 in mnt3svc_build_mountlist (ms=0x7feba802b530, count=count@entry=0x7feba824e488) at mount3.c:2371
#10 0x00007feba75fdc18 in mnt3svc_dump (req=0x7feba804d4a8) at mount3.c:2398
#11 0x00007febbad53da0 in synctask_wrap () at syncop.c:272
#12 0x00007febb92c0fc0 in ?? () from /lib64/libc.so.6
#13 0x0000000000000000 in ?? ()


Version-Release number of selected component (if applicable):

only test on master branch


How reproducible:

1. start gnfs
2. mount gnfs export directory
3. for i in $(seq 3333); do showmount -a 192.168.122.88; done
Then, nfs client will hung 

Steps to Reproduce:
1.
2.
3.

Actual results:

gnfs crash and nfs client will hung


Expected results:

no hung, gnfs works well.

Additional info:

Comment 1 Worker Ant 2019-11-22 06:03:21 UTC

REVIEW: https://review.gluster.org/23737 (gnfs: use strcpy to prevent memory overflow) posted (#2) for review on release-7 by Amar Tumballi

Comment 2 Worker Ant 2019-11-25 16:41:38 UTC

REVIEW: https://review.gluster.org/23737 (gnfs: use strcpy to prevent memory overflow) merged (#2) on release-7 by Amar Tumballi

Note You need to log in before you can comment on or make changes to this bug.