Michael Tokarev: fix segfaults in Detail() (#691670)

Michael Tokarev mjt at alioth.debian.org
Sun Oct 28 20:40:21 UTC 2012 

Module: mdadm
Branch: master
Commit: 59da642c698da2b7c883d83b9271ea738278bc1a
URL:    http://git.debian.org/?p=pkg-mdadm/mdadm.git;a=commit;h=59da642c698da2b7c883d83b9271ea738278bc1a

Author: Michael Tokarev <mjt at tls.msk.ru>
Date:   Sun Oct 28 20:54:22 2012 +0400

fix segfaults in Detail() (#691670)

---

 debian/changelog                             |    2 +
 debian/patches/fix-segfaults-in-detail.patch |   42 ++++++++++++++++++++++++++
 debian/patches/series                        |    1 +
 3 files changed, 45 insertions(+), 0 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 2427323..49615af 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -9,6 +9,8 @@ mdadm (3.2.5-4) UNRELEASED; urgency=low
   * Fix 'enough' function for RAID10, to prevent starting of a RAID10
     array which does not have required minimum of component devices.
     (Closes: #691668).
+  * fix segfaults in Detail() - mdadm --detail may segfault if a drive
+    has been removed from the array (Closes: #691670)
 
  -- Michael Tokarev <mjt at tls.msk.ru>  Sat, 20 Oct 2012 19:20:12 +0400
 
diff --git a/debian/patches/fix-segfaults-in-detail.patch b/debian/patches/fix-segfaults-in-detail.patch
new file mode 100644
index 0000000..6d78bcf
--- /dev/null
+++ b/debian/patches/fix-segfaults-in-detail.patch
@@ -0,0 +1,42 @@
+From aec89f63e98322a141d146a84c67b0cc2d1cd1a4 Mon Sep 17 00:00:00 2001
+From: Lukasz Dorau <lukasz.dorau at intel.com>
+Date: Thu, 27 Sep 2012 16:58:44 +1000
+Subject: fix segfaults in Detail()
+Bug-Debian: http://bugs.debian.org/691670
+Comment: from stable/bugfix upstream 3.2.6 version
+
+If disk has been removed, 'st' and 'info' can be NULL. It causes segfault.
+'st' and 'info' should be checked against being NULL before being used.
+
+Signed-off-by: Lukasz Dorau <lukasz.dorau at intel.com>
+Signed-off-by: NeilBrown <neilb at suse.de>
+---
+ Detail.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/Detail.c b/Detail.c
+index 85e2b89..67ddc80 100644
+--- a/Detail.c
++++ b/Detail.c
+@@ -424,7 +424,7 @@ int Detail(char *dev, int brief, int export, int test, char *homehost, char *pre
+ 		}
+ 		free_mdstat(ms);
+ 
+-		if (st->sb && info->reshape_active) {
++		if ((st && st->sb) && (info && info->reshape_active)) {
+ #if 0
+ This is pretty boring
+ 			printf("  Reshape pos'n : %llu%s\n", (unsigned long long) info->reshape_progress<<9,
+@@ -575,7 +575,8 @@ This is pretty boring
+ 	if (spares && brief && array.raid_disks) printf(" spares=%d", spares);
+ 	if (brief && st && st->sb)
+ 		st->ss->brief_detail_super(st);
+-	st->ss->free_super(st);
++	if (st)
++		st->ss->free_super(st);
+ 
+ 	if (brief > 1 && devices) printf("\n   devices=%s", devices);
+ 	if (brief) printf("\n");
+-- 
+1.7.10.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 231f0e9..19382de 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@ debian-no-Werror.diff
 sha1-includes.diff
 spelling-and-manpages.patch
 fix-enough-function-for-RAID10.patch
+fix-segfaults-in-detail.patch

More information about the pkg-mdadm-commits mailing list