Bug 764704 - (GLUSTER-2972) Buffer overflow in nfs3_create_exclusive.
Buffer overflow in nfs3_create_exclusive.
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: nfs (Show other bugs)
3.1.3
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Gaurav
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-06-01 00:35 EDT by Gaurav
Modified: 2011-06-03 02:47 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Anand Avati 2011-06-01 00:29:49 EDT
PATCH: http://patches.gluster.com/patch/7344 in master (NFS : Handle buffer overflow in nfs3_create_exclusive.)
Comment 1 Anand Avati 2011-06-01 00:29:54 EDT
PATCH: http://patches.gluster.com/patch/7346 in release-3.1 (NFS : Handle buffer overflow in nfs3_create_exclusive.)
Comment 2 Anand Avati 2011-06-01 00:30:00 EDT
PATCH: http://patches.gluster.com/patch/7345 in release-3.2 (NFS : Handle buffer overflow in nfs3_create_exclusive.)
Comment 3 Gaurav 2011-06-01 00:35:53 EDT
cs->stbuf.ia_atime = (cs->cookieverf & 0xFFFFFFFF00000000);
cs->stbuf.ia_mtime = (cs->cookieverf & 0x00000000FFFFFFFF);

ia_atime aand ia_mtime are 32 bit variables.
Comment 4 Saurabh 2011-06-01 05:54:14 EDT
Hey Gaurav,

  can you suggest what are changes that went to fix this bug? Also, some test plan.
Comment 5 Saurabh 2011-06-02 23:47:10 EDT
For this test, I tried to run posix and iozone, though the issue is related to memory and hard to reproduce, but still tried to verify using Iozone, and it passed. The test was over nfs mount on a 3.2.1qa2 build.

Note You need to log in before you can comment on or make changes to this bug.