Bug 675694 - blkid crashes on a server with more than 128 storage devices
Summary: blkid crashes on a server with more than 128 storage devices
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: e2fsprogs
Version: 5.6
Hardware: Unspecified
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Eric Sandeen
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On:
Blocks: 675999
TreeView+ depends on / blocked
 
Reported: 2011-02-07 11:33 UTC by ritz
Modified: 2018-11-14 14:52 UTC (History)
3 users (show)

Fixed In Version: e2fsprogs-1.39-30.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 675999 (view as bug list)
Environment:
Last Closed: 2011-07-21 09:07:26 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1080 0 normal SHIPPED_LIVE e2fsprogs bug fix and enhancement update 2011-07-21 09:04:54 UTC

Description ritz 2011-02-07 11:33:51 UTC 
Description of problem:
blkid crashes on a server with more than 128 storage devices

Version-Release number of selected component (if applicable):
upstream

How reproducible:
always

Steps to Reproduce:
1.blkid -c /dev/<list of storage device, more than 128>
  
Actual results:
craash

Expected results:
should'nt crash

Additional info:
$ vim e2fsprogs-1.39/misc/blkid.c
 92 int main(int argc, char **argv)
 93 {
 94         blkid_cache cache = NULL;
 95         char *devices[128] = { NULL, };
 96         char *show[128] = { NULL, };
<--- bad mojo, 128 device artificial limit.
 97         char *search_type = NULL, *search_value = NULL;
 98         char *read = NULL;


update the limit to a higher value ( say 8192) as shown below


 95         char *devices[8192] = { NULL, };
 96         char *show[8192] = { NULL, };
Comment 1 Eric Sandeen 2011-02-07 23:01:34 UTC 
Yep, that's no good.

We'll need something more flexible than just increasing the artificial limit, though.
Comment 2 Eric Sandeen 2011-02-08 15:09:04 UTC 
I've sent a patch upstream (to util-linux-ng) for this, and kzak committed it.  Once it shows up in git I'll pull it back & put it into rhel5.

Also, will dup this to rhel6.

The "show" array is OK, because:

                case 's':
                        if (numtag + 1 >= sizeof(show) / sizeof(*show)) {
                                fprintf(stderr, "Too many tags specified\n");
                                usage(err);
                        }
                        show[numtag++] = optarg;
                        show[numtag] = NULL;
                        break;

if the index grows past the size of the array, it will error out.
Comment 3 Eric Sandeen 2011-02-08 15:27:16 UTC 
From: Eric Sandeen <sandeen>
Date: Tue, 8 Feb 2011 05:44:26 +0000 (-0600)
Subject: blkid: dynamically allocate devicename array
X-Git-Url:
http://git.kernel.org/?p=utils%2Futil-linux%2Futil-linux.git;a=commitdiff_plain;h=ea51c09c11f7110eca54fa35ab5ac51a7635c8c2

blkid: dynamically allocate devicename array

If more than 128 devices are specified on the blkid cmdline,
the devices[] array will overflow.

We can dynamically allocate the devices[] array based on number
of arguments to avoid this problem.

[kzak: - add "if (optind < argc)" check]

Signed-off-by: Eric Sandeen <sandeen>
Signed-off-by: Karel Zak <kzak>
---
Comment 4 Eric Sandeen 2011-02-08 15:52:42 UTC 
Built & tagged in e2fsprogs-1.39-30.el5
Comment 7 errata-xmlrpc 2011-07-21 09:07:26 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1080.html
Comment 8 errata-xmlrpc 2011-07-21 12:39:16 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1080.html
Note You need to log in before you can comment on or make changes to this bug.