Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sadc crashes on a mtab file with really long lines #162

Closed
roblub opened this issue Aug 23, 2017 · 3 comments
Closed

sadc crashes on a mtab file with really long lines #162

roblub opened this issue Aug 23, 2017 · 3 comments

Comments

@roblub
Copy link

roblub commented Aug 23, 2017

Sebastien

I received https://bugs.debian.org/872926, whose reporter observed the following crash:

> root@turkey:~# /usr/lib/sysstat/sadc -F -L -S DISK 1 1 /var/log/sysstat
Segmentation fault

It turned out that this is related to use of the overlay2 filesystem with docker, which causes lines in /etc/mtab to be longer that 512 bytes (see the mtab.out file attached to the Debian bug.)
The crash occurs in the get_filesystem_nr() function which calls strchr(line, ' ') but fails to check if its result is not NULL.

I've just created a patch fix-mtab-reading-patch.txt that adds this check, and when a single mtab entry requires more that one call to fgets() (i.e. the entry is longer than 512 bytes), it ignores outcome of the second and following calls.

Regards,
robert
@sysstat
Copy link
Owner

sysstat commented Aug 26, 2017

Hi Robert,

Thank you for your bug report and your patch.
Your patch fixes the segmentation fault we get with "sadc -S DISK...".
I have noticed that the same bug exists with "sadc -S XDISK...", i.e. when filesystem statistics are read by sadc. So I have extended the scope of your patch and have also applied the changes to read_filesystem() function in rd_stats.c.

Regards,
Sebastien

@hanbaga
Copy link

hanbaga commented Mar 18, 2019
edited

@sysstat how can I change sysstat.ioconf to avoid the segment fault, not merge the patch version 11.2.0 ubuntu 16.04.

Fixed at https://launchpad.net/ubuntu/+source/sysstat/11.2.0-1ubuntu0.2

@sysstat
Copy link
Owner

sysstat commented Mar 20, 2019

Fixing the problem requires applying the patch, not changing sysstat.ioconf.

TL-Yao pushed a commit to scantist-ossops-m2/sysstat that referenced this issue Apr 18, 2024
@sysstat
Fix sysstat#162: sadc crashes on a mtab file with really long lines
6974083 
A segmentation fault may happen with "sadc -S DISK..." or
"sadc -S XDISK..." when lines longer than 512 bytes are read from
/etc/mtab.

Such lines are possible for instance when overlay2 filesystem
with docker is used. In such a case a single mtab entry can look
like this (note that new line characters were added for readability,
the original entry contained only one '\n' at the end):

overlay /var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2ccdc03
7e0ee5d9e54f87e59f07f4398e71f/merged overlay rw,relatime,lowerdir=/v
ar/lib/docker/overlay2/l/L6VKIYXWBQSJ5R7V35SS43R6Y6:/var/lib/docker/
overlay2/l/UCCHKGXUJPWCMLHR36IZJNNIQP:/var/lib/docker/overlay2/l/RKV
YEXD2FH65FTMK76RDWPLESX:/var/lib/docker/overlay2/l/DX4JZRKTFP2GOO4V6
OWQ6CPJFY:/var/lib/docker/overlay2/l/6CYNWDKADUPPDZJ5IHOH2R7Y5S:/var
/lib/docker/overlay2/l/JTPINUZIATXADL6XWFHG2OYGSF:/var/lib/docker/ov
erlay2/l/OTSTIV5TTRHF4IUD7BODQ2FUON:/var/lib/docker/overlay2/l/QFNH3
EFS5EZGRTC4DPHU3PJ4TU:/var/lib/docker/overlay2/l/ZOOUKT2E5U4CSLP57Z7
MXYX5CD:/var/lib/docker/overlay2/l/3LUU6IDR2HWPTVBARC5K6XSMRC:/var/l
ib/docker/overlay2/l/XOHYBP4RWXQKQZ43I7JKG24KE4:/var/lib/docker/over
lay2/l/MN5M5B7AY5LPXQQC6V2MBJWWBF:/var/lib/docker/overlay2/l/3DRMKQ3
4AIZD2AROU3TVK3OCUT:/var/lib/docker/overlay2/l/73ZXDHBV6C53Q3SPXA57E
OLGHU:/var/lib/docker/overlay2/l/C2IZBQ55EUTGEAAORSLE73ZPNM:/var/lib
/docker/overlay2/l/ITHARNV7RPWN5S3BCZ2QDMZIMJ:/var/lib/docker/overla
y2/l/TQKUV4LEG4AFUUCMFHHRLDBHAH:/var/lib/docker/overlay2/l/N75JZWPPD
EKJ4DTN4GMEGTDIZL:/var/lib/docker/overlay2/l/QGUUYAETPMK643DG3AKWJAI
IZA,upperdir=/var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2c
cdc037e0ee5d9e54f87e59f07f4398e71f/diff,workdir=/var/lib/docker/over
lay2/f23d2377a67b9ab1b49555ecd09b2ccdc037e0ee5d9e54f87e59f07f4398e71
f/work 0 0

The crash occurs in the get_filesystem_nr() and read_filesystem()
functions which call strchr(line, ' ') but fail to check if the result
is not NULL.

This patch adds this check, and when a single mtab entry requires more
that one call to fgets() (i.e. the entry is longer than 512 bytes), it
ignores outcome of the second and following calls.

Bugs-Debian: https://bugs.debian.org/872926
Signed-off-by: Robert Luberda <[email protected]>
Signed-off-by: Sebastien GODARD <[email protected]>
TL-Yao pushed a commit to scantist-ossops-m2/sysstat that referenced this issue Apr 18, 2024
@sysstat
Fix sysstat#162: sadc crashes on a mtab file with really long lines
5eb49ca 
A segmentation fault may happen with "sadc -S DISK..." or
"sadc -S XDISK..." when lines longer than 512 bytes are read from
/etc/mtab.

Such lines are possible for instance when overlay2 filesystem
with docker is used. In such a case a single mtab entry can look
like this (note that new line characters were added for readability,
the original entry contained only one '\n' at the end):

overlay /var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2ccdc03
7e0ee5d9e54f87e59f07f4398e71f/merged overlay rw,relatime,lowerdir=/v
ar/lib/docker/overlay2/l/L6VKIYXWBQSJ5R7V35SS43R6Y6:/var/lib/docker/
overlay2/l/UCCHKGXUJPWCMLHR36IZJNNIQP:/var/lib/docker/overlay2/l/RKV
YEXD2FH65FTMK76RDWPLESX:/var/lib/docker/overlay2/l/DX4JZRKTFP2GOO4V6
OWQ6CPJFY:/var/lib/docker/overlay2/l/6CYNWDKADUPPDZJ5IHOH2R7Y5S:/var
/lib/docker/overlay2/l/JTPINUZIATXADL6XWFHG2OYGSF:/var/lib/docker/ov
erlay2/l/OTSTIV5TTRHF4IUD7BODQ2FUON:/var/lib/docker/overlay2/l/QFNH3
EFS5EZGRTC4DPHU3PJ4TU:/var/lib/docker/overlay2/l/ZOOUKT2E5U4CSLP57Z7
MXYX5CD:/var/lib/docker/overlay2/l/3LUU6IDR2HWPTVBARC5K6XSMRC:/var/l
ib/docker/overlay2/l/XOHYBP4RWXQKQZ43I7JKG24KE4:/var/lib/docker/over
lay2/l/MN5M5B7AY5LPXQQC6V2MBJWWBF:/var/lib/docker/overlay2/l/3DRMKQ3
4AIZD2AROU3TVK3OCUT:/var/lib/docker/overlay2/l/73ZXDHBV6C53Q3SPXA57E
OLGHU:/var/lib/docker/overlay2/l/C2IZBQ55EUTGEAAORSLE73ZPNM:/var/lib
/docker/overlay2/l/ITHARNV7RPWN5S3BCZ2QDMZIMJ:/var/lib/docker/overla
y2/l/TQKUV4LEG4AFUUCMFHHRLDBHAH:/var/lib/docker/overlay2/l/N75JZWPPD
EKJ4DTN4GMEGTDIZL:/var/lib/docker/overlay2/l/QGUUYAETPMK643DG3AKWJAI
IZA,upperdir=/var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2c
cdc037e0ee5d9e54f87e59f07f4398e71f/diff,workdir=/var/lib/docker/over
lay2/f23d2377a67b9ab1b49555ecd09b2ccdc037e0ee5d9e54f87e59f07f4398e71
f/work 0 0

The crash occurs in the get_filesystem_nr() and read_filesystem()
functions which call strchr(line, ' ') but fail to check if the result
is not NULL.

This patch adds this check, and when a single mtab entry requires more
that one call to fgets() (i.e. the entry is longer than 512 bytes), it
ignores outcome of the second and following calls.

Bugs-Debian: https://bugs.debian.org/872926
Signed-off-by: Robert Luberda <[email protected]>
Signed-off-by: Sebastien GODARD <[email protected]>
TL-Yao pushed a commit to scantist-ossops-m2/sysstat that referenced this issue Apr 18, 2024
@sysstat
Fix sysstat#162: sadc crashes on a mtab file with really long lines
a162c44 
A segmentation fault may happen with "sadc -S DISK..." or
"sadc -S XDISK..." when lines longer than 512 bytes are read from
/etc/mtab.

Such lines are possible for instance when overlay2 filesystem
with docker is used. In such a case a single mtab entry can look
like this (note that new line characters were added for readability,
the original entry contained only one '\n' at the end):

overlay /var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2ccdc03
7e0ee5d9e54f87e59f07f4398e71f/merged overlay rw,relatime,lowerdir=/v
ar/lib/docker/overlay2/l/L6VKIYXWBQSJ5R7V35SS43R6Y6:/var/lib/docker/
overlay2/l/UCCHKGXUJPWCMLHR36IZJNNIQP:/var/lib/docker/overlay2/l/RKV
YEXD2FH65FTMK76RDWPLESX:/var/lib/docker/overlay2/l/DX4JZRKTFP2GOO4V6
OWQ6CPJFY:/var/lib/docker/overlay2/l/6CYNWDKADUPPDZJ5IHOH2R7Y5S:/var
/lib/docker/overlay2/l/JTPINUZIATXADL6XWFHG2OYGSF:/var/lib/docker/ov
erlay2/l/OTSTIV5TTRHF4IUD7BODQ2FUON:/var/lib/docker/overlay2/l/QFNH3
EFS5EZGRTC4DPHU3PJ4TU:/var/lib/docker/overlay2/l/ZOOUKT2E5U4CSLP57Z7
MXYX5CD:/var/lib/docker/overlay2/l/3LUU6IDR2HWPTVBARC5K6XSMRC:/var/l
ib/docker/overlay2/l/XOHYBP4RWXQKQZ43I7JKG24KE4:/var/lib/docker/over
lay2/l/MN5M5B7AY5LPXQQC6V2MBJWWBF:/var/lib/docker/overlay2/l/3DRMKQ3
4AIZD2AROU3TVK3OCUT:/var/lib/docker/overlay2/l/73ZXDHBV6C53Q3SPXA57E
OLGHU:/var/lib/docker/overlay2/l/C2IZBQ55EUTGEAAORSLE73ZPNM:/var/lib
/docker/overlay2/l/ITHARNV7RPWN5S3BCZ2QDMZIMJ:/var/lib/docker/overla
y2/l/TQKUV4LEG4AFUUCMFHHRLDBHAH:/var/lib/docker/overlay2/l/N75JZWPPD
EKJ4DTN4GMEGTDIZL:/var/lib/docker/overlay2/l/QGUUYAETPMK643DG3AKWJAI
IZA,upperdir=/var/lib/docker/overlay2/f23d2377a67b9ab1b49555ecd09b2c
cdc037e0ee5d9e54f87e59f07f4398e71f/diff,workdir=/var/lib/docker/over
lay2/f23d2377a67b9ab1b49555ecd09b2ccdc037e0ee5d9e54f87e59f07f4398e71
f/work 0 0

The crash occurs in the get_filesystem_nr() and read_filesystem()
functions which call strchr(line, ' ') but fail to check if the result
is not NULL.

This patch adds this check, and when a single mtab entry requires more
that one call to fgets() (i.e. the entry is longer than 512 bytes), it
ignores outcome of the second and following calls.

Bugs-Debian: https://bugs.debian.org/872926
Signed-off-by: Robert Luberda <[email protected]>
Signed-off-by: Sebastien GODARD <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sysstat @hanbaga @roblub