Bug 231856 - lsraid segfaults reading /proc/partitions
Summary: lsraid segfaults reading /proc/partitions
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: raidtools (Show other bugs)
(Show other bugs)
Version: 3.8
Hardware: All Linux
Target Milestone: ---
Assignee: Doug Ledford
QA Contact: David Lawrence
Depends On:
TreeView+ depends on / blocked
Reported: 2007-03-12 16:39 UTC by Bryn M. Reeves
Modified: 2007-11-17 01:14 UTC (History)
1 user (show)

Fixed In Version: RHBA-2007-0451
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-06-11 18:36:42 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Increase maximum line length to 256 (999 bytes, patch)
2007-03-12 16:39 UTC, Bryn M. Reeves
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0451 normal SHIPPED_LIVE raidtools bug fix update 2007-06-07 20:20:49 UTC

Description Bryn M. Reeves 2007-03-12 16:39:56 UTC
Description of problem:
The current raidtools hard codes a fixed line length of 100 chars that is used
throughout the package when reading line-oriented data into a buffer (e.g.
config files, /proc/mdstat, /proc/partitions etc.):

#define MAX_LINE_LENGTH                       (100)

On systems with very large disks, the extended stats format in 2.4's
/proc/partitions can easily exceed this size. Unfortunately, lsraid also lacks
any error checking in the proc parsing code so we wind up with an uninitialised
array member for these partitions & subsequent segfault:

#0  0x0804a2a6 in load_partitions (ctxt=0x8a9a008) at lsraid.c:1061
#1  0x0804c0fd in main (argc=3, argv=0xbfff9af4) at lsraid.c:2633

Version-Release number of selected component (if applicable):

How reproducible:
100% on certain systems. The requirement is that any line in /proc/partitions
exceeds 99 characters.

Steps to Reproduce:
1. Check line lengths in /proc/partitions
2. Run "lsraid -R -p"

Actual results:
lsraid dies with a segfault

Expected results:
lsraid correctly outputs raidtab formatted data

Comment 1 Bryn M. Reeves 2007-03-12 16:39:57 UTC
Created attachment 149837 [details]
Increase maximum line length to 256

Comment 8 Doug Ledford 2007-03-14 12:57:40 UTC
I've built a new set of packages through brew that resolve this issue.  Package
version is 1.00.3-9.EL3.  As soon as management approves this for the 3.9
release, I'll file an errata.  In the meantime, this package can be used for a

Comment 18 Red Hat Bugzilla 2007-06-11 18:36:42 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.