rpms
/
nfs-utils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

blkmapd: fix coredump in bl_add_disk (RHEL-7941) 

commit c1c35487aba2cec828d9b8a1be9043000beadea5
Author: Lixiaokeng <lixiaokeng@huawei.com>
Date:   Mon Oct 24 13:00:50 2022 -0400

    blkmapd: fix coredump in bl_add_disk

Signed-off-by: Steve Dickson <steved@redhat.com>
Resolves: RHEL-7941
This commit is contained in:
Steve Dickson 2024-02-05 12:24:18 -05:00
parent 8634aff6c0
commit 613b0c4ada
2 changed files with 91 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
nfs-utils-2.5.4-blkmapd-double-free.patch Normal file
View File

@ -0,0 +1,89 @@
commit c1c35487aba2cec828d9b8a1be9043000beadea5
Author: Lixiaokeng <lixiaokeng@huawei.com>
Date: Mon Oct 24 13:00:50 2022 -0400
blkmapd: fix coredump in bl_add_disk
The serial->data is not malloced separately (just part of
the serial), so it can't be freed. The bl_serial has its
own free function. Use it.
Signed-off-by: Lixiaokeng <lixiaokeng@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c
index 49935c2e..bd890598 100644
--- a/utils/blkmapd/device-discovery.c
+++ b/utils/blkmapd/device-discovery.c
@@ -187,10 +187,7 @@ static void bl_add_disk(char *filepath)
}
if (disk && diskpath) {
- if (serial) {
- free(serial->data);
- free(serial);
- }
+ bl_free_scsi_string(serial);
return;
}
@@ -228,10 +225,7 @@ static void bl_add_disk(char *filepath)
disk->size = size;
disk->valid_path = path;
}
- if (serial) {
- free(serial->data);
- free(serial);
- }
+ bl_free_scsi_string(serial);
}
return;
@@ -241,10 +235,7 @@ static void bl_add_disk(char *filepath)
free(path->full_path);
free(path);
}
- if (serial) {
- free(serial->data);
- free(serial);
- }
+ bl_free_scsi_string(serial);
return;
}
diff --git a/utils/blkmapd/device-discovery.h b/utils/blkmapd/device-discovery.h
index a86eed99..462aa943 100644
--- a/utils/blkmapd/device-discovery.h
+++ b/utils/blkmapd/device-discovery.h
@@ -151,6 +151,8 @@ uint64_t process_deviceinfo(const char *dev_addr_buf,
extern ssize_t atomicio(ssize_t(*f) (int, void *, size_t),
int fd, void *_s, size_t n);
+extern struct bl_serial *bl_create_scsi_string(int len, const char *bytes);
+extern void bl_free_scsi_string(struct bl_serial *str);
extern struct bl_serial *bldev_read_serial(int fd, const char *filename);
extern enum bl_path_state_e bldev_read_ap_state(int fd);
extern int bl_discover_devices(void);
diff --git a/utils/blkmapd/device-inq.c b/utils/blkmapd/device-inq.c
index c7952c3e..9e5749ef 100644
--- a/utils/blkmapd/device-inq.c
+++ b/utils/blkmapd/device-inq.c
@@ -53,7 +53,7 @@
#define DEF_ALLOC_LEN 255
#define MX_ALLOC_LEN (0xc000 + 0x80)
-static struct bl_serial *bl_create_scsi_string(int len, const char *bytes)
+struct bl_serial *bl_create_scsi_string(int len, const char *bytes)
{
struct bl_serial *s;
@@ -66,7 +66,7 @@ static struct bl_serial *bl_create_scsi_string(int len, const char *bytes)
return s;
}
-static void bl_free_scsi_string(struct bl_serial *str)
+void bl_free_scsi_string(struct bl_serial *str)
{
if (str)
free(str);

2
nfs-utils.spec
View File

@ -56,6 +56,7 @@ Patch020: nfs-utils-2.5.4-gssd-bad-integ-error-support.patch
Patch021: nfs-utils-2.5.4-mount-mountconf-typo.patch
Patch022: nfs-utils-2.5.4-support-for-rpc-with-tls.patch
Patch023: nfs-utils-2.5.4-fix-typos-in-messages.patch
Patch024: nfs-utils-2.5.4-blkmapd-double-free.patch
Patch100: nfs-utils-1.2.1-statdpath-man.patch
Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch
@ -499,6 +500,7 @@ fi
%changelog
* Mon Feb 5 2024 Steve Dickson <steved@redhat.com> 2.5.4-23
- Typos and documentation fixes (RHEL-22654)
- blkmapd: fix coredump in bl_add_disk (RHEL-7941)
* Thu Feb 1 2024 Steve Dickson <steved@redhat.com> 2.5.4-22
- nfsmount.conf: Fix typo of the attribute name (RHEL-7904)