Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-17400

lfs changelog 08RENME records changelog_rec_sname string overrun

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • Lustre 2.16.0
    • Lustre 2.15.4
    • AlmaLinux 8.9
      uname -r: 4.18.0-513.9.1.el8_lustre.x86_64
      modinfo -F version lustre: 2.15.4
    • 3
    • 9223372036854775807

    Description

      6331eadbd6 had the following change for the changelog_rec_snamelen() function:

      -       return cr_name + strlen(cr_name) + 1;
+       return strlen(changelog_rec_sname(rec));

      The "sname" char array is limited by the struct changelog_rec.cr_namelen value and has no '\0' character allocated to it, so strlen() will overrun the char array till it finds the next '\0' char.

      [root@lustre.test ~]# cd /lustre/fs/path/test
[root@lustre.test test]# cat 08RENME.sh 
#!/bin/bash

mkdir -p test/a test/b
cd test
echo 'hello world' > hw
touch large_file_name
mv hw a/a.hw
mv a/a.hw b/b.hw
[root@lustre.test test]# # changelog is enabled on system
[root@lustre.test test]# ./08RENME.sh
[root@lustre.test test]# lfs changelog Test-MDT0000 > /tmp/1
[root@lustre.test test]# cat /tmp/1
1 02MKDIR 18:15:46.662260625 2024.01.05 0x0 t=[0x200000bd1:0x1:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000007:0x1:0x0] test
2 02MKDIR 18:15:46.663947475 2024.01.05 0x0 t=[0x200000bd1:0x2:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x1:0x0] a
3 02MKDIR 18:15:46.664793663 2024.01.05 0x0 t=[0x200000bd1:0x4:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x1:0x0] b
4 01CREAT 18:15:46.665888981 2024.01.05 0x0 t=[0x200000bd1:0x5:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x1:0x0] hw
5 11CLOSE 18:15:46.685258476 2024.01.05 0x242 t=[0x200000bd1:0x5:0x0] ef=0xf u=0:0 nid=0@lo
6 01CREAT 18:15:46.690481215 2024.01.05 0x0 t=[0x200000bd1:0x6:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x1:0x0] large_file_name
7 11CLOSE 18:15:46.691566718 2024.01.05 0x42 t=[0x200000bd1:0x6:0x0] ef=0xf u=0:0 nid=0@lo
8 08RENME 18:15:46.694667908 2024.01.05 0x0 t=[0:0x0:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x2:0x0] a.hw s=[0x200000bd1:0x5:0x0] sp=[0x200000bd1:0x1:0x0] hwile_name
9 08RENME 18:15:46.697111676 2024.01.05 0x0 t=[0:0x0:0x0] ef=0xf u=0:0 nid=0@lo p=[0x200000bd1:0x4:0x0] b.hw s=[0x200000bd1:0x5:0x0] sp=[0x200000bd1:0x2:0x0] a.hwe_name

      Records 8 and 9 show "hwile_name" and "a.hwe_name" when they should be "hw" and "a.hw" respectively.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-15798 RHEL9 / gcc-11 adds -Wstringop-overread false warnings

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-15420 Linux kernel 5.15 support

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              joshs Josh Samuelson
              joshs Josh Samuelson
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: