sadc crashes on a mtab file with really long lines #162
Comments
Hi Robert, Thank you for your bug report and your patch. Regards,
@sysstat How can I change sysstat.ioconf to avoid the segmentation fault without merging the patch? Version 11.2.0, Ubuntu 16.04. Fixed at https://launchpad.net/ubuntu/+source/sysstat/11.2.0-1ubuntu0.2
Fixing the problem requires applying the patch, not changing sysstat.ioconf.
A segmentation fault may happen with "sadc -S DISK..." or "sadc -S XDISK..." when lines longer than 512 bytes are read from /etc/mtab. Such lines are possible for instance when overlay2 filesystem with docker is used. In such a case a single mtab entry can look like this (note that new line characters were added for readability, the original entry contained only one '\n' at the end): overlay /var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2ccdc03 7e0ee5d9e54f87e59f07f4398e71f/merged overlay rw,relatime,lowerdir=/v ar/lib/docker/overlay2/l/L6VKIYXWBQSJ5R7V35SS43R6Y6:/var/lib/docker/ overlay2/l/UCCHKGXUJPWCMLHR36IZJNNIQP:/var/lib/docker/overlay2/l/RKV YEXD2FH65FTMK76RDWPLESX:/var/lib/docker/overlay2/l/DX4JZRKTFP2GOO4V6 OWQ6CPJFY:/var/lib/docker/overlay2/l/6CYNWDKADUPPDZJ5IHOH2R7Y5S:/var /lib/docker/overlay2/l/JTPINUZIATXADL6XWFHG2OYGSF:/var/lib/docker/ov erlay2/l/OTSTIV5TTRHF4IUD7BODQ2FUON:/var/lib/docker/overlay2/l/QFNH3 EFS5EZGRTC4DPHU3PJ4TU:/var/lib/docker/overlay2/l/ZOOUKT2E5U4CSLP57Z7 MXYX5CD:/var/lib/docker/overlay2/l/3LUU6IDR2HWPTVBARC5K6XSMRC:/var/l ib/docker/overlay2/l/XOHYBP4RWXQKQZ43I7JKG24KE4:/var/lib/docker/over lay2/l/MN5M5B7AY5LPXQQC6V2MBJWWBF:/var/lib/docker/overlay2/l/3DRMKQ3 4AIZD2AROU3TVK3OCUT:/var/lib/docker/overlay2/l/73ZXDHBV6C53Q3SPXA57E OLGHU:/var/lib/docker/overlay2/l/C2IZBQ55EUTGEAAORSLE73ZPNM:/var/lib /docker/overlay2/l/ITHARNV7RPWN5S3BCZ2QDMZIMJ:/var/lib/docker/overla y2/l/TQKUV4LEG4AFUUCMFHHRLDBHAH:/var/lib/docker/overlay2/l/N75JZWPPD EKJ4DTN4GMEGTDIZL:/var/lib/docker/overlay2/l/QGUUYAETPMK643DG3AKWJAI IZA,upperdir=/var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2c cdc037e0ee5d9e54f87e59f07f4398e71f/diff,workdir=/var/lib/docker/over lay2/f23d2377a67b9ab1b49555ecd09b2ccdc037e0ee5d9e54f87e59f07f4398e71 f/work 0 0 The crash occurs in the get_filesystem_nr() and read_filesystem() functions which call strchr(line, ' ') but fail to check if the result is not NULL. 
This patch adds this check, and when a single mtab entry requires more than one call to fgets() (i.e. the entry is longer than 512 bytes), it ignores the outcome of the second and following calls.

Bugs-Debian: https://bugs.debian.org/872926
Signed-off-by: Robert Luberda <[email protected]>
Signed-off-by: Sebastien GODARD <[email protected]>
Sebastien
I received https://bugs.debian.org/872926, whose reporter observed the following crash:
It turned out that this is related to the use of the overlay2 filesystem with docker, which causes lines in /etc/mtab to be longer than 512 bytes (see the mtab.out file attached to the Debian bug).
The crash occurs in the get_filesystem_nr() function which calls strchr(line, ' ') but fails to check if its result is not NULL.
I've just created a patch fix-mtab-reading-patch.txt that adds this check, and when a single mtab entry requires more than one call to fgets() (i.e. the entry is longer than 512 bytes), it ignores the outcome of the second and following calls.
Regards,
robert
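The two defenses described in the report (ignore the second and following fgets() chunks of an over-long entry, and check the strchr() result before using it) can be sketched as follows. This is an added example, not the sysstat patch or sysstat code: `count_fs_entries` and `make_sample` are hypothetical names, and the sample input is constructed rather than taken from the mtab.out attached to the Debian bug.

```c
#include <stdio.h>
#include <string.h>
#define MAX_LINE 512  /* fgets() buffer size, as in the report */
/* Hypothetical helper, not sysstat code: count entries whose device field
 * starts with '/'; *skipped receives the number of ignored tail chunks. */
int count_fs_entries(FILE *fp, int *skipped)
{
    char line[MAX_LINE];
    int nr = 0, continued = 0;
    *skipped = 0;
    while (fgets(line, sizeof(line), fp) != NULL) {
        size_t len = strlen(line);
        int is_tail = continued;  /* previous chunk had no '\n' */
        /* No trailing '\n': the entry continues in the next fgets() chunk */
        continued = (len == 0 || line[len - 1] != '\n');
        if (is_tail) { (*skipped)++; continue; }
        if (line[0] != '/') continue;
        char *sep = strchr(line, ' ');  /* end of the device field */
        /* Malformed entry: skip it instead of dereferencing NULL */
        if (sep == NULL || strchr(sep + 1, ' ') == NULL) continue;
        nr++;
    }
    return nr;
}

/* Constructed sample input (not the mtab.out from the Debian bug). */
FILE *make_sample(void)
{
    FILE *fp = tmpfile();
    if (fp == NULL) return NULL;
    fputs("/dev/sda1 / ext4 rw,relatime 0 0\n", fp);
    fputs("overlay /merged overlay rw,lowerdir=", fp);
    for (int i = 0; i < 60; i++)  /* one entry of about 2000 bytes */
        fputs("/var/lib/docker/overlay2/l/LAYER:", fp);
    fputs(" 0 0\n", fp);
    fputs("/dev/broken\n", fp);  /* malformed: no space at all */
    fputs("/dev/sdb1 /data xfs rw 0 0\n", fp);
    rewind(fp);
    return fp;
}

int main(void)
{
    int skipped = 0;
    FILE *fp = make_sample();
    if (fp == NULL) return 1;
    int nr = count_fs_entries(fp, &skipped);
    printf("entries=%d skipped_chunks=%d\n", nr, skipped);
    return fclose(fp) != 0;
}
```

The over-long overlay entry is read as four chunks; only the first is parsed, so a tail chunk that happens to begin with '/' and contains no space never reaches strchr().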