Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-2753 Tracking bug for static code analysis fixes.
  3. LU-1853

'out-of-bounds access' error in osd_scrub_setup()

    XMLWordPrintable

Details

    • Technical task
    • Resolution: Won't Fix
    • Major
    • None
    • Lustre 2.4.0
    • 6334

    Description

      In osd_scrub_setup(), id variable is of type 'struct osd_inode_id *' (size 8). But then this variable is passed to __osd_oi_lookup(), and in this function, it is passed to osd_oi_iam_lookup(), which casts it to a 'struct dt_rec *'. Then it is passed to osd_fid_unpack() by casting it to 'struct lu_fid *'. And at last, inside this function, a memcpy() is performed considering the variable is of type 'struct lu_fid *', which is of size 16.
      So we are accessing memory beyond what was allocated for that variable.

      I do not know how to fix this issue, as it is quite complex.

      Attachments

        Activity

          People

            yong.fan nasf (Inactive)
            sebastien.buisson Sebastien Buisson (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: