[Bugs] [Bug 1633930] ASan (address sanitizer) fixes - Blanket bug

bugzilla at redhat.com bugzilla at redhat.com
Tue Oct 16 12:00:18 UTC 2018


https://bugzilla.redhat.com/show_bug.cgi?id=1633930

Worker Ant <bugzilla-bot at gluster.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|POST                        |MODIFIED



--- Comment #19 from Worker Ant <bugzilla-bot at gluster.org> ---
COMMIT: https://review.gluster.org/21406 committed in master by "Amar Tumballi"
<amarts at redhat.com> with a commit message- cli: Fix heap-buffer-overflow issue
reported by ASAN

GF_MALLOC was being used to allocate memory which is
not initialized. strcat is used on it which could
result in buffer overflow if it contains garbage before
'\0'. So changed it to GF_CALLOC.

Traceback:

==23427==ERROR: AddressSanitizer: heap-buffer-overflow ...
WRITE of size 5 at 0x6080000083fe thread T3
 #0 0x7fb60966991c in __interceptor_strcat ...
 #1 0x48adc0 in config_parse ...
 #2 0x48cde8 in cli_cmd_gsync_set_parse ...
...

Updates: bz#1633930
Change-Id: I3710f011d8139984b1898265d84d150c9bdc962b
Signed-off-by: Kotresh HR <khiremat at redhat.com>

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.


More information about the Bugs mailing list