StarlingX

fmClient segfaults on short string parameter

Bug #1807986 reported by Erich Cordoba
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Low
Lin Shuicheng

Bug Description

Brief Description
-----------------

The fmClientCli command segfaults with a short parameter, it needs at least 3 characters to work properly.

Severity
--------

Minor

Steps to Reproduce
------------------

Run the following command:

fmClientCli -g he

Noticed that "hel" doesn't causes the segfault.

Expected Behavior
-----------------

The tool should parse the arguments properly and perform actions if the arguments are valid.

Actual Behavior
----------------

fmClientCli segfaults with:

terminate called after throwing an instance of 'std::out_of_range'
  what(): basic_string::substr
Aborted (core dumped)

Reproducibility
---------------

100%

Branch/Pull Time/Commit
-----------------------
stx-fault in master

Revision history for this message
Erich Cordoba (ericho) wrote :

Same thing happens with -c option:

$ fmClientCli -c 23
terminate called after throwing an instance of 'std::out_of_range'
  what(): basic_string::substr
Aborted (core dumped)

Revision history for this message
Erich Cordoba (ericho) wrote :

Seems the bug can be here:
https://github.com/openstack/stx-fault/blob/master/fm-common/sources/fmAlarmUtils.cpp#L205

static void str_to_vector(const std::string &s, std::vector<std::string> &alarm) {
 size_t offset = 0;
 alarm.clear();
 while (true) {
  size_t beg = (offset==0) ? 0 : s.find("###",offset);
  if (beg==std::string::npos) break;
  size_t e = s.find("###",beg+3);
  std::string cont = s.substr(beg+3,e-(beg+3));
  alarm.push_back(cont);
  offset=e;
 }
}

Revision history for this message
Ghada Khalil (gkhalil) wrote :

Minor issue; not release gating, but would be nice to fix.
This would be a good training opportunity for someone ramping up on the fault flock component.

Changed in starlingx:
importance: Undecided → Low
status: New → Triaged
tags: added: stx.fault
Changed in starlingx:
assignee: nobody → Bruce Jones (brucej)
Bruce Jones (brucej)
Changed in starlingx:
assignee: Bruce Jones (brucej) → Cindy Xie (xxie1)
Lin Shuicheng (shuicheng)
Changed in starlingx:
assignee: Cindy Xie (xxie1) → Lin Shuicheng (shuicheng)
Austin Sun (sunausti)
Changed in starlingx:
assignee: Lin Shuicheng (shuicheng) → Austin Sun (sunausti)
Lin Shuicheng (shuicheng)
Changed in starlingx:
assignee: Austin Sun (sunausti) → Lin Shuicheng (shuicheng)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to stx-fault (master)

Fix proposed to branch: master
Review: https://review.openstack.org/633151

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to stx-fault (master)

Reviewed: https://review.openstack.org/633151
Committed: https://git.openstack.org/cgit/openstack/stx-fault/commit/?id=64939761628c1bf2b389877bfd1618f8d1dfba65
Submitter: Zuul
Branch: master

commit 64939761628c1bf2b389877bfd1618f8d1dfba65
Author: Shuicheng Lin <email address hidden>
Date: Sat Jan 26 01:19:38 2019 +0800

    fix issue: fmClient segfaults on short string parameter

    It is due to out of range access violation. Fix it by checking length
    before access.

    Closes-Bug: 1807986

    Change-Id: Iba2b445f50fd98a74d932c9b3f691fc7145274bb
    Signed-off-by: Shuicheng Lin <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
Ghada Khalil (gkhalil) wrote :

Adding stx.2019.05 tag as this fix was merged for that release

tags: added: stx.2019.05
Ken Young (kenyis)
tags: added: stx.2.0
removed: stx.2019.05
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.