Attachment 10937 Details for Bug 11201 – Patches for 4.2

[patch] Patches for 4.2

v4-2-test-bz11201.patch (text/plain), 14.77 KB, created by Martin Schwenke on 2015-04-09 05:12:03 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Martin Schwenke

Created: 2015-04-09 05:12:03 UTC

Size: 14.77 KB

patch

obsolete

>From 202669fad3f2c1450025af7041f1614b740a8c8f Mon Sep 17 00:00:00 2001
>From: Amitay Isaacs <amitay@gmail.com>
>Date: Tue, 14 Oct 2014 17:52:55 +1100
>Subject: [PATCH 01/11] ctdb-tools: Fix heap-use-after-free problem
>
>Found by address sanitizer.
>
>Signed-off-by: Amitay Isaacs <amitay@gmail.com>
>Reviewed-by: Martin Schwenke <martin@meltin.net>
>
>Autobuild-User(master): Martin Schwenke <martins@samba.org>
>Autobuild-Date(master): Fri Oct 17 12:56:02 CEST 2014 on sn-devel-104
>
>(cherry picked from commit 470af881479d1a1588dc23ef40622b4d8f006b61)
>---
> ctdb/tools/ctdb.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
>diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
>index 6414c24..c386d35 100644
>--- a/ctdb/tools/ctdb.c
>+++ b/ctdb/tools/ctdb.c
>@@ -928,6 +928,7 @@ static int find_node_xpnn(void)
> 	TALLOC_CTX *mem_ctx = talloc_new(NULL);
> 	struct pnn_node *pnn_nodes;
> 	struct pnn_node *pnn_node;
>+	int pnn;
> 
> 	pnn_nodes = read_nodes_file(mem_ctx);
> 	if (pnn_nodes == NULL) {
>@@ -938,8 +939,9 @@ static int find_node_xpnn(void)
> 
> 	for(pnn_node=pnn_nodes;pnn_node;pnn_node=pnn_node->next) {
> 		if (ctdb_sys_have_ip(&pnn_node->addr)) {
>+			pnn = pnn_node->pnn;
> 			talloc_free(mem_ctx);
>-			return pnn_node->pnn;
>+			return pnn;
> 		}
> 	}
> 
>@@ -1850,6 +1852,7 @@ find_other_host_for_public_ip(struct ctdb_context *ctdb, ctdb_sock_addr *addr)
> 	struct ctdb_all_public_ips *ips;
> 	struct ctdb_node_map *nodemap=NULL;
> 	int i, j, ret;
>+	int pnn;
> 
> 	ret = ctdb_ctrl_getnodemap(ctdb, TIMELIMIT(), CTDB_CURRENT_NODE, tmp_ctx, &nodemap);
> 	if (ret != 0) {
>@@ -1875,8 +1878,9 @@ find_other_host_for_public_ip(struct ctdb_context *ctdb, ctdb_sock_addr *addr)
> 
> 		for (j=0;j<ips->num;j++) {
> 			if (ctdb_same_ip(addr, &ips->ips[j].addr)) {
>+				pnn = nodemap->nodes[i].pnn;
> 				talloc_free(tmp_ctx);
>-				return nodemap->nodes[i].pnn;
>+				return pnn;
> 			}
> 		}
> 		talloc_free(ips);
>-- 
>2.1.4
>
>
>From 22cb227eb8925e5b9be5fdff6cb670685dc6bd61 Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Sat, 7 Mar 2015 10:29:21 +0000
>Subject: [PATCH 02/11] ctdb: Fix 1125553 Buffer not null terminated
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Ira Cooper <ira@samba.org>
>(cherry picked from commit 621bd0784290f24e229caf0590206805f6f2e75c)
>---
> ctdb/common/system_linux.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c
>index 97a57ac..fdb8d12 100644
>--- a/ctdb/common/system_linux.c
>+++ b/ctdb/common/system_linux.c
>@@ -100,7 +100,7 @@ int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface)
> 		}
> 
> 		DEBUG(DEBUG_DEBUG, (__location__ " Created SOCKET FD:%d for sending arp\n", s));
>-		strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name)-1);
>+		strlcpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
> 		if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) {
> 			DEBUG(DEBUG_CRIT,(__location__ " interface '%s' not found\n", iface));
> 			close(s);
>-- 
>2.1.4
>
>
>From 6e5a0c0527f48dde4434a5f0e6b54a6490289fda Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Wed, 11 Mar 2015 10:58:11 +0000
>Subject: [PATCH 03/11] ctdb: Fix CID 1288201 Array compared against 0
>
>"helper_prog" is now declared as a static array
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit f724bfb44a6086a17d90a802c3965a0b9fd09ebd)
>---
> ctdb/server/eventscript.c | 4 ----
> 1 file changed, 4 deletions(-)
>
>diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
>index 28bbb54..f323e50 100644
>--- a/ctdb/server/eventscript.c
>+++ b/ctdb/server/eventscript.c
>@@ -447,10 +447,6 @@ static void ctdb_run_debug_hung_script(struct ctdb_context *ctdb, struct debug_h
> 	const char **argv;
> 	int i;
> 
>-	if (helper_prog == NULL) {
>-		return;
>-	}
>-
> 	if (pipe(fd) < 0) {
> 		DEBUG(DEBUG_ERR,("Failed to create pipe fd for debug hung script\n"));
> 		return;
>-- 
>2.1.4
>
>
>From 7d67a5f620ff2b55837bd9c49c59efa43fe182f8 Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Fri, 13 Mar 2015 14:11:20 +0000
>Subject: [PATCH 04/11] ctdb: Make for-loop in ctdb_get_script_list more
> idiomatic
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>(cherry picked from commit a8cc495b967935852c5357c3a4ef3d37579fb51b)
>---
> ctdb/server/eventscript.c | 13 +++++++------
> 1 file changed, 7 insertions(+), 6 deletions(-)
>
>diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
>index f323e50..a212fa2 100644
>--- a/ctdb/server/eventscript.c
>+++ b/ctdb/server/eventscript.c
>@@ -160,7 +160,7 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> {
> 	struct dirent **namelist;
> 	struct ctdb_scripts_wire *scripts;
>-	int count;
>+	int i, count;
> 
> 	/* scan all directory entries and insert all valid scripts into the 
> 	   tree
>@@ -183,11 +183,12 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> 	}
> 	scripts->num_scripts = count;
> 
>-	for (count = 0; count < scripts->num_scripts; count++) {
>-		strcpy(scripts->scripts[count].name, namelist[count]->d_name);
>-		scripts->scripts[count].status = 0;
>-		if (!check_executable(ctdb->event_script_dir, namelist[count]->d_name)) {
>-			scripts->scripts[count].status = -errno;
>+	for (i = 0; i < count; i++) {
>+		strcpy(scripts->scripts[i].name, namelist[i]->d_name);
>+		scripts->scripts[i].status = 0;
>+		if (!check_executable(ctdb->event_script_dir,
>+				      namelist[i]->d_name)) {
>+			scripts->scripts[i].status = -errno;
> 		}
> 	}
> 
>-- 
>2.1.4
>
>
>From 7b9dbdfbe9b26801033d57465c0938e425b7199f Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Fri, 13 Mar 2015 14:12:41 +0000
>Subject: [PATCH 05/11] ctdb: Fix memleak in ctdb_get_script_list
>
>scandir allocates every name individually, see example code in susv4 or man
>scandir
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>(cherry picked from commit c1e8bfb186c5cbeafbce9f2767db82edb579d5e1)
>---
> ctdb/server/eventscript.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
>diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
>index a212fa2..523c8f1 100644
>--- a/ctdb/server/eventscript.c
>+++ b/ctdb/server/eventscript.c
>@@ -178,8 +178,7 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> 				   + sizeof(scripts->scripts[0]) * count);
> 	if (scripts == NULL) {
> 		DEBUG(DEBUG_ERR, (__location__ " Failed to allocate scripts\n"));
>-		free(namelist);
>-		return NULL;
>+		goto done;
> 	}
> 	scripts->num_scripts = count;
> 
>@@ -192,6 +191,10 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> 		}
> 	}
> 
>+done:
>+	for (i=0; i<count; i++) {
>+		free(namelist[i]);
>+	}
> 	free(namelist);
> 	return scripts;
> }
>-- 
>2.1.4
>
>
>From be089b3302f4938fa9899a1b6afca36d969936a8 Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Fri, 13 Mar 2015 14:16:17 +0000
>Subject: [PATCH 06/11] ctdb: Introduce a helper var in ctdb_get_script_list
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>(cherry picked from commit 8d9bb5c54aae0099e0dde2d9a904676fcb9340c0)
>---
> ctdb/server/eventscript.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
>diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
>index 523c8f1..c8ee1d4 100644
>--- a/ctdb/server/eventscript.c
>+++ b/ctdb/server/eventscript.c
>@@ -183,11 +183,13 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> 	scripts->num_scripts = count;
> 
> 	for (i = 0; i < count; i++) {
>-		strcpy(scripts->scripts[i].name, namelist[i]->d_name);
>-		scripts->scripts[i].status = 0;
>+		struct ctdb_script_wire *s = &scripts->scripts[i];
>+
>+		strcpy(s->name, namelist[i]->d_name);
>+		s->status = 0;
> 		if (!check_executable(ctdb->event_script_dir,
> 				      namelist[i]->d_name)) {
>-			scripts->scripts[i].status = -errno;
>+			s->status = -errno;
> 		}
> 	}
> 
>-- 
>2.1.4
>
>
>From f4443699b8911604143c8f15c2bd1d233c56b31d Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Fri, 13 Mar 2015 14:20:05 +0000
>Subject: [PATCH 07/11] ctdb: Fix CID 1125613 Destination buffer too small
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>
>Autobuild-User(master): Michael Adam <obnox@samba.org>
>Autobuild-Date(master): Fri Mar 13 19:14:20 CET 2015 on sn-devel-104
>
>(cherry picked from commit d171d2010a256a46446de5328a0897df3838855a)
>---
> ctdb/server/eventscript.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
>diff --git a/ctdb/server/eventscript.c b/ctdb/server/eventscript.c
>index c8ee1d4..e3131b3 100644
>--- a/ctdb/server/eventscript.c
>+++ b/ctdb/server/eventscript.c
>@@ -185,7 +185,12 @@ static struct ctdb_scripts_wire *ctdb_get_script_list(struct ctdb_context *ctdb,
> 	for (i = 0; i < count; i++) {
> 		struct ctdb_script_wire *s = &scripts->scripts[i];
> 
>-		strcpy(s->name, namelist[i]->d_name);
>+		if (strlcpy(s->name, namelist[i]->d_name, sizeof(s->name)) >=
>+		    sizeof(s->name)) {
>+			s->status = -ENAMETOOLONG;
>+			continue;
>+		}
>+
> 		s->status = 0;
> 		if (!check_executable(ctdb->event_script_dir,
> 				      namelist[i]->d_name)) {
>@@ -339,6 +344,7 @@ static int script_status(struct ctdb_scripts_wire *scripts)
> 
> 	for (i = 0; i < scripts->num_scripts; i++) {
> 		switch (scripts->scripts[i].status) {
>+		case -ENAMETOOLONG:
> 		case -ENOENT:
> 		case -ENOEXEC:
> 			/* Disabled or missing; that's OK. */
>-- 
>2.1.4
>
>
>From ca23bde957217a33746e7cad38e2c2ade75d5be7 Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Thu, 26 Mar 2015 13:06:26 +0100
>Subject: [PATCH 08/11] ctdb: Fix CID 1125634 Out-of-bounds write
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>(cherry picked from commit 93d4e801298d8ebb7261adbfc2bdb1a5fbe7115c)
>---
> ctdb/tests/src/ctdb_takeover_tests.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/ctdb/tests/src/ctdb_takeover_tests.c b/ctdb/tests/src/ctdb_takeover_tests.c
>index 8b07325..7ff8755 100644
>--- a/ctdb/tests/src/ctdb_takeover_tests.c
>+++ b/ctdb/tests/src/ctdb_takeover_tests.c
>@@ -431,7 +431,7 @@ static void ctdb_test_init(const char nodestates[],
> 	while (tok != NULL) {
> 		nodeflags[numnodes] = (uint32_t) strtol(tok, NULL, 0);
> 		numnodes++;
>-		if (numnodes > CTDB_TEST_MAX_NODES) {
>+		if (numnodes >= CTDB_TEST_MAX_NODES) {
> 			DEBUG(DEBUG_ERR, ("ERROR: Exceeding CTDB_TEST_MAX_NODES: %d\n", CTDB_TEST_MAX_NODES));
> 			exit(1);
> 		}
>-- 
>2.1.4
>
>
>From 7ed38ab48fd17c8fe0b737e8a0984c2cf7b1817d Mon Sep 17 00:00:00 2001
>From: Volker Lendecke <vl@samba.org>
>Date: Thu, 26 Mar 2015 13:11:14 +0100
>Subject: [PATCH 09/11] ctdb: Fix CID 1125615 Copy into fixed size buffer
>
>Might be a "can't happen", but strcpy always looks fishy
>
>Signed-off-by: Volker Lendecke <vl@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>(cherry picked from commit 508b45fca93ca2dfb048fdf7465602bc34df42db)
>---
> ctdb/tests/src/ctdb_test_stubs.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
>diff --git a/ctdb/tests/src/ctdb_test_stubs.c b/ctdb/tests/src/ctdb_test_stubs.c
>index 82e82f3..c57f6ca 100644
>--- a/ctdb/tests/src/ctdb_test_stubs.c
>+++ b/ctdb/tests/src/ctdb_test_stubs.c
>@@ -515,7 +515,12 @@ int32_t ctdb_control_get_ifaces(struct ctdb_context *ctdb,
> 
> 	i = 0;
> 	for (cur=ctdb->ifaces;cur;cur=cur->next) {
>-		strcpy(ifaces->ifaces[i].name, cur->name);
>+		size_t nlen = strlcpy(ifaces->ifaces[i].name, cur->name,
>+				      sizeof(ifaces->ifaces[i].name));
>+		if (nlen >= sizeof(ifaces->ifaces[i].name)) {
>+			/* Ignore invalid name */
>+			continue;
>+		}
> 		ifaces->ifaces[i].link_state = cur->link_up;
> 		ifaces->ifaces[i].references = cur->references;
> 		i++;
>-- 
>2.1.4
>
>
>From 6ee63f058dbd7aa05e830bc633ec4e1ef91a56cb Mon Sep 17 00:00:00 2001
>From: Rajesh Joseph <rjoseph@redhat.com>
>Date: Tue, 31 Mar 2015 18:43:36 +0530
>Subject: [PATCH 10/11] ctdb: Coverity fix for CID 1291643
>
>CID 1291643: Resource leak: leaked_handle: Handle
>variable lock_fd going out of scope leaks the handle.
>
>Fix: on failure case release handle variable lock_fd
>
>Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
>Reviewed-by: Michael Adam <obnox@samba.org>
>Reviewed-by: David Disseldorp <ddiss@samba.org>
>(cherry picked from commit 801bdcde6a7a92acfdb26d87a17a33802e166a2d)
>
>Conflicts:
>	ctdb/tcp/tcp_connect.c
>---
> ctdb/tcp/tcp_connect.c | 9 +++++++--
> 1 file changed, 7 insertions(+), 2 deletions(-)
>
>diff --git a/ctdb/tcp/tcp_connect.c b/ctdb/tcp/tcp_connect.c
>index 8a112ff..af6d1bd 100644
>--- a/ctdb/tcp/tcp_connect.c
>+++ b/ctdb/tcp/tcp_connect.c
>@@ -385,12 +385,17 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb)
> 					strerror(errno), errno));
> 		}
> 	}
>-	
>+
> 	if (i == ctdb->num_nodes) {
> 		DEBUG(DEBUG_CRIT,("Unable to bind to any of the node addresses - giving up\n"));
> 		goto failed;
> 	}
> 	ctdb->address.address = talloc_strdup(ctdb, ctdb->nodes[i]->address.address);
>+	if (ctdb->address.address == NULL) {
>+		ctdb_set_error(ctdb, "Out of memory at %s:%d",
>+			       __FILE__, __LINE__);
>+		goto failed;
>+	}
> 	ctdb->address.port    = ctdb->nodes[i]->address.port;
> 	ctdb->name = talloc_asprintf(ctdb, "%s:%u", 
> 				     ctdb->address.address, 
>@@ -400,7 +405,7 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb)
> 		 ctdb->address.address, 
> 		 ctdb->address.port, 
> 		 ctdb->pnn));
>-	
>+
> 	if (listen(ctcp->listen_fd, 10) == -1) {
> 		goto failed;
> 	}
>-- 
>2.1.4
>
>
>From 64c349afbac6041f3f4aba8b3cf6a4cc4dd81144 Mon Sep 17 00:00:00 2001
>From: David Disseldorp <ddiss@samba.org>
>Date: Tue, 31 Mar 2015 18:06:43 +0200
>Subject: [PATCH 11/11] ctdb: check for talloc_asprintf() failure
>
>Signed-off-by: David Disseldorp <ddiss@samba.org>
>Reviewed-by: Michael Adam <obnox@samba.org>
>
>Autobuild-User(master): Michael Adam <obnox@samba.org>
>Autobuild-Date(master): Wed Apr  1 15:36:03 CEST 2015 on sn-devel-104
>
>(cherry picked from commit 12309f8bfb70878bec5fcec4681eb4e463e07357)
>
>Conflicts:
>	ctdb/tcp/tcp_connect.c
>---
> ctdb/tcp/tcp_connect.c | 15 ++++++++++-----
> 1 file changed, 10 insertions(+), 5 deletions(-)
>
>diff --git a/ctdb/tcp/tcp_connect.c b/ctdb/tcp/tcp_connect.c
>index af6d1bd..da4e6e1 100644
>--- a/ctdb/tcp/tcp_connect.c
>+++ b/ctdb/tcp/tcp_connect.c
>@@ -397,13 +397,18 @@ static int ctdb_tcp_listen_automatic(struct ctdb_context *ctdb)
> 		goto failed;
> 	}
> 	ctdb->address.port    = ctdb->nodes[i]->address.port;
>-	ctdb->name = talloc_asprintf(ctdb, "%s:%u", 
>-				     ctdb->address.address, 
>+	ctdb->name = talloc_asprintf(ctdb, "%s:%u",
>+				     ctdb->address.address,
> 				     ctdb->address.port);
>+	if (ctdb->name == NULL) {
>+		ctdb_set_error(ctdb, "Out of memory at %s:%d",
>+			       __FILE__, __LINE__);
>+		goto failed;
>+	}
> 	ctdb->pnn = ctdb->nodes[i]->pnn;
>-	DEBUG(DEBUG_INFO,("ctdb chose network address %s:%u pnn %u\n", 
>-		 ctdb->address.address, 
>-		 ctdb->address.port, 
>+	DEBUG(DEBUG_INFO,("ctdb chose network address %s:%u pnn %u\n",
>+		 ctdb->address.address,
>+		 ctdb->address.port,
> 		 ctdb->pnn));
> 
> 	if (listen(ctcp->listen_fd, 10) == -1) {
>-- 
>2.1.4
>

Flags:

amitay: review+

Actions: View

Attachments on bug 11201: 10937