Description of problem:
crash of the process when flistxattr() is issued (ie, key argument will be NULL).

Version-Release number of selected component (if applicable):
mainline

How reproducible:
issue 'flistxattr()' on mount point, when quota is enabled.

Actual results:
'flistxattr()' segfaults

Expected results:
work without any issues

Additional info:

Program terminated with signal 11, Segmentation fault.
#0  0x00000037ccf3d3f9 in __strcasecmp_l_ssse3 () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.14-5.x86_64 libgcc-4.6.1-9.fc15.x86_64
(gdb) bt
#0  0x00000037ccf3d3f9 in __strcasecmp_l_ssse3 () from /lib64/libc.so.6
#1  0x00007fbad81c4915 in quota_fgetxattr (frame=0x7fbadcd7406c, this=0x1045c60, fd=0x7fbacfe4004c, name=0x0) at ../../../../../xlators/features/quota/src/quota.c:2020
#2  0x00007fbade196aaa in default_fgetxattr (frame=0x7fbadcd730f8, this=0x1046f80, fd=0x7fbacfe4004c, name=0x0) at ../../../libglusterfs/src/defaults.c:828
#3  0x00007fbade196aaa in default_fgetxattr (frame=0x7fbadcd737b0, this=0x1048250, fd=0x7fbacfe4004c, name=0x0) at ../../../libglusterfs/src/defaults.c:828
#4  0x00007fbade196aaa in default_fgetxattr (frame=0x7fbadcd73bb8, this=0x10494f0, fd=0x7fbacfe4004c, name=0x0) at ../../../libglusterfs/src/defaults.c:828
#5  0x00007fbad3790304 in qr_fgetxattr (frame=0x7fbadcd73f14, this=0x104a660, fd=0x7fbacfe4004c, name=0x0) at ../../../../../xlators/performance/quick-read/src/quick-read.c:2144
#6  0x00007fbade196aaa in default_fgetxattr (frame=0x7fbadcd73e68, this=0x104ba00, fd=0x7fbacfe4004c, name=0x0) at ../../../libglusterfs/src/defaults.c:828
#7  0x00007fbad332f019 in io_stats_fgetxattr (frame=0x7fbadcd73658, this=0x104ccd0, fd=0x7fbacfe4004c, name=0x0) at ../../../../../xlators/debug/io-stats/src/io-stats.c:2257
#8  0x00007fbad3109074 in posix_acl_fgetxattr (frame=0x7fbadcd73250, this=0x104dfe0, fd=0x7fbacfe4004c, name=0x0) at ../../../../../xlators/system/posix-acl/src/posix-acl.c:1882
#9  0x00007fbadb1181a4 in fuse_listxattr_resume (state=0x7fbac8000f50) at ../../../../../xlators/mount/fuse/src/fuse-bridge.c:2874
#10 0x00007fbadb0fd9e1 in fuse_resolve_and_resume (state=0x7fbac8000f50, fn=0x7fbadb117bc7 <fuse_listxattr_resume>) at ../../../../../xlators/mount/fuse/src/fuse-resolve.c:754
#11 0x00007fbadb118ce8 in fuse_listxattr (this=0x1033e30, finh=0x7fbac8001930, msg=0x7fbac8001958) at ../../../../../xlators/mount/fuse/src/fuse-bridge.c:2926
#12 0x00007fbadb11d6c6 in fuse_thread_proc (data=0x1033e30) at ../../../../../xlators/mount/fuse/src/fuse-bridge.c:3589
#13 0x00000037cd207b31 in start_thread () from /lib64/libpthread.so.0
#14 0x00000037ccedfd2d in clone () from /lib64/libc.so.6
(gdb) up
#1  0x00007fbad81c4915 in quota_fgetxattr (frame=0x7fbadcd7406c, this=0x1045c60, fd=0x7fbacfe4004c, name=0x0) at ../../../../../xlators/features/quota/src/quota.c:2020
2020            if (strcasecmp (name, "trusted.limit.list") == 0) {
(gdb) l
2015    quota_fgetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd,
2016                     const char *name)
2017    {
2018            int32_t ret = 0;
2019
2020            if (strcasecmp (name, "trusted.limit.list") == 0) {
2021                    ret = quota_send_dir_limit_to_cli (frame, this, fd->inode,
2022                                                       name);

need to check for 'name' for being NULL before using it in strcasecmp().
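The guard described in the report, as an added example that is not part of the original report and is not the merged GlusterFS patch. The enum and every function name except the "trusted.limit.list" key are hypothetical stand-ins for the translator stack in the backtrace.

```c
#include <stddef.h>
#include <strings.h>

/* Hypothetical model of the call path in the backtrace; not GlusterFS code. */
enum xattr_path {
    PATH_LIST_ALL,          /* name == NULL: list every attribute */
    PATH_QUOTA_LIMIT_LIST,  /* quota layer answers the request itself */
    PATH_GET_ONE            /* ordinary single-key lookup */
};

#define QUOTA_LIMIT_KEY "trusted.limit.list"

/* Bottom of the stack: a NULL name is the valid "list all" request. */
static enum xattr_path storage_fgetxattr(const char *name)
{
    return name == NULL ? PATH_LIST_ALL : PATH_GET_ONE;
}

/* Quota layer: intercepts only its own key and forwards everything else.
 * The NULL test must precede strcasecmp(), which dereferences its
 * arguments unconditionally (frame #0 of the backtrace). */
enum xattr_path quota_fgetxattr_checked(const char *name)
{
    if (name != NULL && strcasecmp(name, QUOTA_LIMIT_KEY) == 0)
        return PATH_QUOTA_LIMIT_LIST;
    return storage_fgetxattr(name);
}

/* Entry points as the mount layer would issue them: the list call
 * reuses the get handler with name == NULL, as in frames #9 to #1. */
enum xattr_path do_flistxattr(void)
{
    return quota_fgetxattr_checked(NULL);
}

enum xattr_path do_fgetxattr(const char *name)
{
    return quota_fgetxattr_checked(name);
}

int main(void)
{
    /* Exit status 0 when the list request passes through the quota layer. */
    return do_flistxattr() == PATH_LIST_ALL ? 0 : 1;
}
```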
sent a patch http://review.gluster.com/2743
CHANGE: http://review.gluster.com/2743 (features/quota: fix a crash in fgetxattr() by checking for NULL arg) merged in master by Vijay Bellur (vijay)
Tested using 'extras/test/test-ffop.c', by removing unlink(), and building GlusterFS source with the '-DGF_TEST_FFOP' flag. The crash happened with the earlier version (before the patch went in), and now on release-3.3 it doesn't crash.