[Bugs] [Bug 1635373] ASan (address sanitizer) fixes - Blanket bug

bugzilla at redhat.com bugzilla at redhat.com
Tue Oct 2 22:59:21 UTC 2018


Worker Ant <bugzilla-bot at gluster.org> changed:

           What    |Removed                     |Added
             Status|POST                        |MODIFIED

--- Comment #2 from Worker Ant <bugzilla-bot at gluster.org> ---
COMMIT: https://review.gluster.org/21322 committed in release-5 by "Shyamsundar
Ranganathan" <srangana at redhat.com> with a commit message- mdcache: Fix asan
reported potential heap buffer overflow

The char pointer mdc_xattr_str in function mdc_xattr_list_populate
is malloc'd and doing a strcat into a malloc'd region can
overflow content allocated based on prior contents of the
memory region.

Added a NULL terimation to the malloc'd region to prevent
the overflow, and treat it as an empty string.

Change-Id: If0decab669551581230a8ede4c44c319ff04bac9
Updates: bz#1635373
Signed-off-by: ShyamsundarR <srangana at redhat.com>
(cherry picked from commit d00a2a1b398346bbdc5ac9b3ba4b09fb1ce1e699)

You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

More information about the Bugs mailing list