[LU-9245] lgss_sk may unsafely overwrite nodemap and fsname fields in keys Created: 23/Mar/17 Updated: 18/Jul/17 Resolved: 06/Apr/17 |
|
| Status: | Resolved |
| Project: | Lustre |
| Component/s: | None |
| Affects Version/s: | Lustre 2.9.0 |
| Fix Version/s: | Lustre 2.10.0 |
| Type: | Bug | Priority: | Trivial |
| Reporter: | Chris Hanna | Assignee: | Chris Hanna |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Issue Links: |
|
||||||||
| Severity: | 4 | ||||||||
| Rank (Obsolete): | 9223372036854775807 | ||||||||
| Description |
|
lgss_sk.c uses strncpy() to modify names of strings for both fsname and nodemap fields. If the replacement string is smaller than the original string, it will not be zero terminated properly. For example, replacing a nodemap name of "default" with "c0" with the lgss_sk utility can result in invalid names such as: Nodemap name: c0fault I will submit a small patch to switch this to snprintf(), although being a little more verbose, will be safe to use on a parameter of variable length. |
| Comments |
| Comment by Gerrit Updater [ 23/Mar/17 ] |
|
Chris Hanna (hannac@iu.edu) uploaded a new patch: https://review.whamcloud.com/26165 |
| Comment by Gerrit Updater [ 06/Apr/17 ] |
|
Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/26165/ |
| Comment by Peter Jones [ 06/Apr/17 ] |
|
Landed for 2.10 |
| Comment by Chris Hanna [ 18/Jul/17 ] |
|
There's been a reversion here, this patch needs to be applied again to the 2.10 code. Do I need to submit the same patch again? |
| Comment by James A Simmons [ 18/Jul/17 ] |
|
We could roll it into the |
| Comment by Chris Hanna [ 18/Jul/17 ] |
|
Sure! It's a tiny patch, I only noticed the reversion because of a test failure. |