[Ocfs2-tools-devel] [PATCH] mounted.ocfs2: check length of names in ocfs2_print_nodes()

Coly Li coly.li at suse.de
Thu Mar 12 10:25:36 PDT 2009 

This patch is original from "[RFC] PATCH: verify slot number in
_ocfs2_read_slot_map(), v2". Thanks to Sunil and Joel for their comments and review.

In some buggy conditions, mounted.ocfs2 does dirty reads, when it happens, in
ocfs2_print_nodes():
 66                 node_num = map->md_slots[i].sd_node_num;
 67                 if (names && names[node_num] && *(names[node_num]))
node_num in 66 may be a very large number (due to the invalid data from
__ocfs2_read_slot_map()), and names[node_num] references to an illegal memory
region.

This patch adds third parameter 'length_of_names'to ocfs2_print_nodes(), when
node_num >= length_of_names, mounted.ocfs2 will display error message in this style:
# mounted.ocfs2 -f
Device                FS     Nodes
/dev/hdb1             ocfs2  Unknown

As Joel mentioned, this patch only fixes current o2cb stack issue. More work is
needed to make a completely solution for both o2cb and user space cluster stacks.

Signed-off-by: Coly Li <coly.li at suse.de>
---
 mounted.ocfs2/mounted.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/mounted.ocfs2/mounted.c b/mounted.ocfs2/mounted.c
index 2b5550f..6ce3eb6 100644
--- a/mounted.ocfs2/mounted.c
+++ b/mounted.ocfs2/mounted.c
@@ -48,7 +48,8 @@ static char *usage_string =
 "	-d quick detect\n"
 "	-f full detect\n";

-static void ocfs2_print_nodes(ocfs2_devices *dev, char **names)
+static void ocfs2_print_nodes(ocfs2_devices *dev, char **names,
+				unsigned int length_of_names)
 {
 	int i, start = 1;
 	unsigned int node_num;
@@ -64,7 +65,10 @@ static void ocfs2_print_nodes(ocfs2_devices *dev, char **names)
 			printf(", ");

 		node_num = map->md_slots[i].sd_node_num;
-		if (names && names[node_num] && *(names[node_num]))
+
+		if (node_num >= length_of_names)
+			printf("Unknown");
+		else if (names && names[node_num] && *(names[node_num]))
 			printf("%s", names[node_num]);
 		else
 			printf("%d", node_num);
@@ -116,7 +120,7 @@ static void ocfs2_print_full_detect(struct list_head *dev_list)
 			if (dev->hb_dev)
 				printf("Heartbeat device");
 			else if (dev->mount_flags & OCFS2_MF_MOUNTED_CLUSTER)
-				ocfs2_print_nodes(dev, nodes);
+				ocfs2_print_nodes(dev, nodes, i);
 			else
 				printf("Not mounted");
 			printf("\n");

-- 
Coly Li
SuSE Labs

More information about the Ocfs2-tools-devel mailing list