Red Hat Bugzilla – Bug 231856
lsraid segfaults reading /proc/partitions
Last modified: 2007-11-16 20:14:46 EST
Description of problem:
The current raidtools hard codes a fixed line length of 100 chars that is used
throughout the package when reading line-oriented data into a buffer (e.g.
config files, /proc/mdstat, /proc/partitions etc.):
#define MAX_LINE_LENGTH (100)
On systems with very large disks, the extended stats format in 2.4's
/proc/partitions can easily exceed this size. Unfortunately, lsraid also lacks
any error checking in the proc parsing code so we wind up with an uninitialised
array member for these partitions & subsequent segfault:
#0 0x0804a2a6 in load_partitions (ctxt=0x8a9a008) at lsraid.c:1061
#1 0x0804c0fd in main (argc=3, argv=0xbfff9af4) at lsraid.c:2633
Version-Release number of selected component (if applicable):
100% on certain systems. The requirement is that any line in /proc/partitions
exceeds 99 characters.
Steps to Reproduce:
1. Check line lengths in /proc/partitions
2. Run "lsraid -R -p"
lsraid dies with a segfault
lsraid correctly outputs raidtab formatted data
Created attachment 149837 [details]
Increase maximum line length to 256
I've built a new set of packages through brew that resolve this issue. Package
version is 1.00.3-9.EL3. As soon as management approves this for the 3.9
release, I'll file an errata. In the meantime, this package can be used for a
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.