diff options
author | Kotresh HR <khiremat@redhat.com> | 2018-10-12 14:25:00 +0530 |
---|---|---|
committer | Amar Tumballi <amarts@redhat.com> | 2018-10-12 15:39:03 +0000 |
commit | c962e2cbd73e78f31e690f7b1f8456616006c543 (patch) | |
tree | 49ac30d65280a5a2d5ef391b776535c37d5bbc66 | |
parent | ac074e03437faf6f2f0897e6d9e7249ac0599b64 (diff) |
glusterd/geo-rep: Fix memory corruption
Problem and Analysis:
The length of canonical format of uuid is 36 but
'GF_UUID_BUF_SIZE 50' was being used everywhere.
glusterd/geo-rep code was earlier using strncpy,
but recently changes to memcpy with the drive
to avoid strncpys. This leads to memory corruption
and glusterd is crashing without a core with geo-rep
creation with ASAN build.
Fix:
'GF_UUID_BUF_SIZE 37' (+ 1 for NULL byte)
And change geo-rep to use UUID_CANONICAL_FORM_LEN
instead
Updates: bz#1633930
Change-Id: Ibd347d542b92e64a96ce06780cda643557233bc7
Signed-off-by: Kotresh HR <khiremat@redhat.com>
-rw-r--r-- | libglusterfs/src/glusterfs.h | 2 | ||||
-rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-geo-rep.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index 376b7a7c673..1ebe2d8d1cd 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -284,7 +284,7 @@ enum gf_internal_fop_indicator { /* GlusterFS's maximum supported Auxiliary GIDs */ #define GF_MAX_AUX_GROUPS 65535 -#define GF_UUID_BUF_SIZE 50 +#define GF_UUID_BUF_SIZE 37 /* UUID_CANONICAL_FORM_LEN + NULL */ #define GF_UUID_BNAME_BUF_SIZE (320) /* (64 + 256) */ #define GF_REBALANCE_TID_KEY "rebalance-id" diff --git a/xlators/mgmt/glusterd/src/glusterd-geo-rep.c b/xlators/mgmt/glusterd/src/glusterd-geo-rep.c index dedd243c2dd..1aa38686d6f 100644 --- a/xlators/mgmt/glusterd/src/glusterd-geo-rep.c +++ b/xlators/mgmt/glusterd/src/glusterd-geo-rep.c @@ -588,7 +588,7 @@ struct slave_vol_config { char old_slvhost[_POSIX_HOST_NAME_MAX + 1]; char old_slvuser[LOGIN_NAME_MAX]; unsigned old_slvidx; - char slave_voluuid[GF_UUID_BUF_SIZE]; + char slave_voluuid[UUID_CANONICAL_FORM_LEN + 1]; }; static int @@ -1769,7 +1769,7 @@ glusterd_store_slave_in_info(glusterd_volinfo_t *volinfo, char *slave, goto out; /* Given the slave volume uuid, check and get any existing slave */ - memcpy(slave1.slave_voluuid, slave_voluuid, GF_UUID_BUF_SIZE); + memcpy(slave1.slave_voluuid, slave_voluuid, UUID_CANONICAL_FORM_LEN); ret = dict_foreach(volinfo->gsync_slaves, _get_slave_idx_slave_voluuid, &slave1); |