[stgt] [PATCH] tgtd: fix memory access overrun on array of pthread_t type data

FUJITA Tomonori fujita.tomonori at lab.ntt.co.jp
Thu Dec 19 14:48:31 CET 2013


On Thu, 19 Dec 2013 18:56:29 +0900
Ryusuke Konishi <konishi.ryusuke at lab.ntt.co.jp> wrote:

> bs_thread_close function accesses memory outside allocated region
> because it reads each array element with an index before confirming
> that the index is within the range of the array.
> 
> This fixes the issue and gets rid of the following warning detected by
> valgrind:
> 
>  ==10848== Invalid read of size 8
>  ==10848==    at 0x42AF91: bs_thread_close (bs.c:461)
>  ==10848==    by 0x42BD94: bs_sheepdog_exit (bs_sheepdog.c:1275)
>  ==10848==    by 0x4183B7: tgt_device_destroy (target.c:739)
>  ==10848==    by 0x41608D: mtask_received (mgmt.c:251)
>  ==10848==    by 0x4164CB: mtask_recv_send_handler (mgmt.c:670)
>  ==10848==    by 0x4141F8: event_loop (tgtd.c:428)
>  ==10848==    by 0x414899: main (tgtd.c:611)
> 
> Signed-off-by: Ryusuke Konishi <konishi.ryusuke at lab.ntt.co.jp>
> ---
>  usr/bs.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Applied, thanks a lot!
--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the stgt mailing list