Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 231856 - lsraid segfaults reading /proc/partitions
lsraid segfaults reading /proc/partitions
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: raidtools (Show other bugs)
All Linux
high Severity high
: ---
: ---
Assigned To: Doug Ledford
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2007-03-12 12:39 EDT by Bryn M. Reeves
Modified: 2007-11-16 20:14 EST (History)
1 user (show)

See Also:
Fixed In Version: RHBA-2007-0451
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-06-11 14:36:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Increase maximum line length to 256 (999 bytes, patch)
2007-03-12 12:39 EDT, Bryn M. Reeves
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0451 normal SHIPPED_LIVE raidtools bug fix update 2007-06-07 16:20:49 EDT

  None (edit)
Description Bryn M. Reeves 2007-03-12 12:39:56 EDT
Description of problem:
The current raidtools hard codes a fixed line length of 100 chars that is used
throughout the package when reading line-oriented data into a buffer (e.g.
config files, /proc/mdstat, /proc/partitions etc.):

#define MAX_LINE_LENGTH                       (100)

On systems with very large disks, the extended stats format in 2.4's
/proc/partitions can easily exceed this size. Unfortunately, lsraid also lacks
any error checking in the proc parsing code so we wind up with an uninitialised
array member for these partitions & subsequent segfault:

#0  0x0804a2a6 in load_partitions (ctxt=0x8a9a008) at lsraid.c:1061
#1  0x0804c0fd in main (argc=3, argv=0xbfff9af4) at lsraid.c:2633

Version-Release number of selected component (if applicable):

How reproducible:
100% on certain systems. The requirement is that any line in /proc/partitions
exceeds 99 characters.

Steps to Reproduce:
1. Check line lengths in /proc/partitions
2. Run "lsraid -R -p"

Actual results:
lsraid dies with a segfault

Expected results:
lsraid correctly outputs raidtab formatted data
Comment 1 Bryn M. Reeves 2007-03-12 12:39:57 EDT
Created attachment 149837 [details]
Increase maximum line length to 256
Comment 8 Doug Ledford 2007-03-14 08:57:40 EDT
I've built a new set of packages through brew that resolve this issue.  Package
version is 1.00.3-9.EL3.  As soon as management approves this for the 3.9
release, I'll file an errata.  In the meantime, this package can be used for a
Comment 18 Red Hat Bugzilla 2007-06-11 14:36:42 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.