[Openais] [PATCH corosync] objdb memory violation (caught by valgrind)

Steven Dake sdake at redhat.com
Wed Oct 29 21:37:21 PDT 2008


good for commit
regards
-steve
On Thu, 2008-10-30 at 10:19 +1300, angus salkeld wrote:
> Hi
> 
> Whilst running corosync under valgrind I found the following:
> 
> ==2405== 1 errors in context 1 of 5:
> ==2405== Invalid write of size 1
> ==2405==    at 0x40331D0: memcpy (in /opt/2/lib/valgrind/ppc32-linux/vgpreload_memcheck.so)
> ==2405==    by 0x4A09EAC: object_key_replace (objdb.c:994)
> ==2405==    by 0x4A81E8C: message_handler_req_lib_confdb_key_replace (confdb.c:425)
> ==2405==    by 0x1000A198: prioritized_poll_thread (ipc.c:927)
> ==2405==    by 0x4181AE4: (within /lib/libpthread-0.9.29.so)
> ==2405==    by 0x41D186C: clone (in /lib/libuClibc-0.9.29.so)
> ==2405==  Address 0x461bf25 is 0 bytes after a block of size 5 alloc'd
> ==2405==    at 0x40300E8: malloc (in /opt/2/lib/valgrind/ppc32-linux/vgpreload_memcheck.so)
> ==2405==    by 0x4A0A960: object_key_create (objdb.c:482)
> ==2405==    by 0x4A1DBC0: parse_section (coroparse.c:133)
> ==2405==    by 0x4A1DB50: parse_section (coroparse.c:121)
> ==2405==    by 0x4A1DB50: parse_section (coroparse.c:121)
> ==2405==    by 0x4A1DCC0: aisparser_readconfig (coroparse.c:175)
> ==2405==    by 0x10005938: main (main.c:601)
> 
> If the new length is larger then memory will be overwritten.
> 
> I could make this ">=" but we can save memory if the new size is smaller by using "!=".
> 
> Regards
> Angus
> 
> diff --git a/exec/objdb.c b/exec/objdb.c
> index 1cfcddf..b0b60bb 100644
> --- a/exec/objdb.c
> +++ b/exec/objdb.c
> @@ -1085,7 +1085,7 @@ static int object_key_replace (
>                         }
>                 }
> 
> -           if (new_value_len <= object_key->value_len) {
> +         if (new_value_len != object_key->value_len) {
>                         void *replacement_value;
>                         replacement_value = malloc(new_value_len);
>                         if (!replacement_value)
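Review bot: the reallocation guarded by the new `if (new_value_len != object_key->value_len)` is only safe if the rest of this branch, which the hunk cuts off after `if (!replacement_value)`, frees the old buffer and stores `new_value_len` into `object_key->value_len`. Please confirm that it does, because a stale `value_len` would make the next replace compare against the wrong size and could bring back the invalid memcpy write valgrind reported. A `new_value_len` of 0 also reaches `malloc(new_value_len)`, which is allowed to return NULL, so the NULL check would report an empty value as an allocation failure; handle zero length before allocating. A one-line comment saying why the test is `!=` rather than `>` (shrinking saves memory, equal length skips the allocation) would help the next reader.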
> 


