diff --git a/6026-Mdmonitor-Fix-segfault.patch b/6026-Mdmonitor-Fix-segfault.patch new file mode 100644 index 0000000000000000000000000000000000000000..6eb09cd3c4b4e2a990f5912738c4d425e674ed52 --- /dev/null +++ b/6026-Mdmonitor-Fix-segfault.patch @@ -0,0 +1,98 @@ +From e702f392959d1c2ad2089e595b52235ed97b4e18 Mon Sep 17 00:00:00 2001 +From: Kinga Tanska +Date: Mon, 6 Jun 2022 12:32:12 +0200 +Subject: [PATCH 16/83] Mdmonitor: Fix segfault + +Mdadm with "--monitor" parameter requires md device +as an argument to be monitored. If given argument is +not a md device, error shall be returned. Previously +it was not checked and invalid argument caused +segmentation fault. This commit adds checking +that devices passed to mdmonitor are md devices. + +Signed-off-by: Kinga Tanska +Signed-off-by: Jes Sorensen +--- + Monitor.c | 10 +++++++++- + mdadm.h | 1 + + mdopen.c | 17 +++++++++++++++++ + 3 files changed, 27 insertions(+), 1 deletion(-) + +diff --git a/Monitor.c b/Monitor.c +index 1980764..19af9a4 100644 +--- a/Monitor.c ++++ b/Monitor.c +@@ -171,6 +171,7 @@ int Monitor(struct mddev_dev *devlist, + continue; + if (strcasecmp(mdlist->devname, "") == 0) + continue; ++ + st = xcalloc(1, sizeof *st); + if (mdlist->devname[0] == '/') + st->devname = xstrdup(mdlist->devname); +@@ -181,6 +182,8 @@ int Monitor(struct mddev_dev *devlist, + st->devname = xcalloc(_len, sizeof(char)); + snprintf(st->devname, _len, "/dev/md/%s", mdlist->devname); + } ++ if (!is_mddev(mdlist->devname)) ++ return 1; + st->next = statelist; + st->devnm[0] = 0; + st->percent = RESYNC_UNKNOWN; +@@ -194,7 +197,12 @@ int Monitor(struct mddev_dev *devlist, + struct mddev_dev *dv; + + for (dv = devlist; dv; dv = dv->next) { +- struct state *st = xcalloc(1, sizeof *st); ++ struct state *st; ++ ++ if (!is_mddev(dv->devname)) ++ return 1; ++ ++ st = xcalloc(1, sizeof *st); + mdlist = conf_get_ident(dv->devname); + st->devname = xstrdup(dv->devname); + st->next = statelist; +diff --git a/mdadm.h b/mdadm.h +index 441d0bd..ff08dfa 100644 +--- a/mdadm.h ++++ b/mdadm.h +@@ -1555,6 +1555,7 @@ extern int create_mddev(char *dev, char *name, int autof, int trustworthy, + #define FOREIGN 2 + #define METADATA 3 + extern int open_mddev(char *dev, int report_errors); ++extern int is_mddev(char *dev); + extern int open_container(int fd); + extern int metadata_container_matches(char *metadata, char *devnm); + extern int metadata_subdev_matches(char *metadata, char *devnm); +diff --git a/mdopen.c b/mdopen.c +index 98c54e4..28c8dba 100644 +--- a/mdopen.c ++++ b/mdopen.c +@@ -474,6 +474,23 @@ int open_mddev(char *dev, int report_errors) + return mdfd; + } + ++/** ++ * is_mddev() - check that file name passed is an md device. ++ * @dev: file name that has to be checked. ++ * Return: 1 if file passed is an md device, 0 if not. ++ */ ++int is_mddev(char *dev) ++{ ++ int fd = open_mddev(dev, 1); ++ ++ if (fd >= 0) { ++ close(fd); ++ return 1; ++ } ++ ++ return 0; ++} ++ + char *find_free_devnm(int use_partitions) + { + static char devnm[32]; +-- +2.27.0 + diff --git a/mdadm.spec b/mdadm.spec index 2680104dccd21c4ee13d4c287777bd9dcedb0a9b..a6b6df20e29f0d990756e9b86e1f3f3768e14ee7 100644 --- a/mdadm.spec +++ b/mdadm.spec @@ -1,6 +1,6 @@ Name: mdadm Version: 4.1 -Release: rc2.0.18 +Release: rc2.0.19 Summary: The software RAID arrays user manage tools License: GPLv2+ URL: http://www.kernel.org/pub/linux/utils/raid/mdadm/ @@ -36,6 +36,7 @@ Patch6022: 6022-Fix-null-pointer-for-incremental-in-mdadm.patch Patch6023: 6023-Fix-build-error-for-check.patch Patch6024: 6024-Fix-memory-leak-in-file-Manage.patch Patch6025: 6025-Manage-fix-check-after-dereference-issue.patch +Patch6026: 6026-Mdmonitor-Fix-segfault.patch BuildRequires: systemd gcc binutils Requires(post): systemd coreutils @@ -101,6 +102,9 @@ install -d -m 710 %{buildroot}/var/run/mdadm/ %{_mandir}/man*/* %changelog +* Thu Jul 11 2024 Deyuan Fan - 4.1-rc2.0.19 +- Mdmonitor: Fix segfault + * Fri Jun 28 2024 wuguanghao - 4.1-rc2.0.18 - Manage: fix check after dereference issue