[Bugs] [Bug 1349276] New: Buffer overflow when attempting to create filesystem using libgfapi as driver on OpenStack
bugzilla at redhat.com
Thu Jun 23 06:46:03 UTC 2016
https://bugzilla.redhat.com/show_bug.cgi?id=1349276
Bug ID: 1349276
Summary: Buffer overflow when attempting to create filesystem
using libgfapi as driver on OpenStack
Product: GlusterFS
Version: mainline
Component: libgfapi
Severity: high
Assignee: bugs at gluster.org
Reporter: jthottan at redhat.com
QA Contact: sdharane at redhat.com
CC: bugs at gluster.org, joe at julianfamily.org,
rhbugzilla at ajaton.net, sdharane at redhat.com
Depends On: 1348935
+++ This bug was initially created as a clone of Bug #1348935 +++
Description of problem:
Having GlusterFS provide OpenStack Cinder volume storage using libgfapi
causes a buffer overflow when trying to create a filesystem on an attached volume.
This results in the qemu-kvm process for the instance being terminated.
Version-Release number of selected component (if applicable):
* GlusterFS 3.8.0 on all the involved servers
* CentOS 7.1
* libvirt-daemon-1.2.8-16.el7_1.5.x86_64
* qemu-kvm-1.5.3-86.el7_1.8.x86_64
How reproducible:
Tested in three different environments and all fail similarly.
Steps to Reproduce:
1. deploy an instance
2. attach volume (of type glusterfs)
3. attempt mkfs.ext4 /dev/vdb1
Actual results:
[2016-06-22 09:15:09.350992] E [glfs-fops.c:806:glfs_io_async_cbk]
(-->/usr/lib64/glusterfs/3.8.0/xlator/debug/io-stats.so(+0x11e12)
[0x7eff84cb8e12] -->/lib64/libgfapi.so.0(+0xbe7d) [0x7f0000ce2e7d]
-->/lib64/libgfapi.so.0(+0xbd96) [0x7f0000ce2d96] ) 0-gfapi: invalid argument:
iovec [Invalid argument]
*** buffer overflow detected ***: /usr/libexec/qemu-kvm terminated
Expected results:
* filesystem to be created without crashing the instance
Additional info:
There was no such issue with 3.7.11 but we upgraded due to memory leak issues
with libgfapi.
--- Additional comment from Joe Julian on 2016-06-22 10:36:58 EDT ---
Unless I'm reading this wrong, every place that glfs_io_async_cbk is called,
the return value is never checked so when that error takes place, none of the
unrefs or frees are ever done.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1348935
[Bug 1348935] Buffer overflow when attempting to create filesystem using
libgfapi as driver on OpenStack
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
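
The pattern Joe Julian's comment describes (a completion callback that returns early on an invalid iovec, with callers that discard its return value, so the release step never runs), modelled beside a single-exit form that releases on every path. This is an added example, not GlusterFS code and not a statement of the bug's root cause; `struct req`, `cbk_leaky`, `cbk_fixed` and `held_after` are hypothetical names, and a fixed pool stands in for the real references and allocations.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/uio.h>

#define POOL 8
struct req { int held; };              /* hypothetical request; not a GlusterFS type */
static struct req pool[POOL];          /* fixed pool stands in for refs and allocations */

static struct req *req_get(void) {
    for (int i = 0; i < POOL; i++)
        if (!pool[i].held) { pool[i].held = 1; return &pool[i]; }
    return NULL;                       /* every slot is still held */
}
static void req_put(struct req *r) { r->held = 0; }

/* Early return on a bad iovec skips the release at the bottom. */
static int cbk_leaky(struct req *r, const struct iovec *iov, int count) {
    if (!iov || count <= 0) { errno = EINVAL; return -1; }
    /* ... hand the data to the application's completion function ... */
    req_put(r);
    return 0;
}

/* Single exit: the error is still reported, and the release always runs. */
static int cbk_fixed(struct req *r, const struct iovec *iov, int count) {
    int ret = 0;
    if (!iov || count <= 0) { errno = EINVAL; ret = -1; }
    /* ... on success, hand the data to the completion function ... */
    req_put(r);
    return ret;
}

typedef int (*cbk_fn)(struct req *, const struct iovec *, int);

/* Completes n requests with an invalid iovec, discarding the callback's
 * return value, and reports how many requests are still held afterwards. */
static int held_after(cbk_fn cbk, int n) {
    int held = 0;
    for (int i = 0; i < POOL; i++) pool[i].held = 0;
    for (int i = 0; i < n; i++) {
        struct req *r = req_get();
        if (r) (void)cbk(r, NULL, 0);
    }
    for (int i = 0; i < POOL; i++) held += pool[i].held;
    return held;
}

int main(void) {
    printf("leaky: %d held, fixed: %d held\n",
           held_after(cbk_leaky, 5), held_after(cbk_fixed, 5));
    return 0;
}
```

With the leaky form every failed completion leaves one request held until the pool is exhausted; the single-exit form leaves none, whether or not the caller inspects the return value.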