[
https://issues.apache.org/jira/browse/TS-4273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thomas Jackson closed TS-4273.
------------------------------
Resolution: Won't Fix
Fix Version/s: (was: 6.2.0)
>From some more discussion on IRC, it seems that this isn't an issue-- since
>MultiCache.cc seems to be heap allocated.
> HostDB storing of aname overflowing hostdb MultiCache bounds
> ------------------------------------------------------------
>
> Key: TS-4273
> URL: https://issues.apache.org/jira/browse/TS-4273
> Project: Traffic Server
> Issue Type: Bug
> Reporter: Thomas Jackson
> Assignee: Thomas Jackson
>
> The metadata improvements implemented in TS-3800 started storing hostnames in
> [hostdb|https://github.com/apache/trafficserver/blob/master/iocore/hostdb/HostDB.cc#L1368]
> (instead of just the resolution).
> From my investigation HostDB's MultiCache uses a fixed size allocation
> determined by [get_elementsize|
> https://github.com/apache/trafficserver/blob/master/iocore/hostdb/MultiCache.cc#L116]
> (for hostdb this value is 72). So, from what I see if hostdb where to
> resolve a total name longer than 72 characters it would end up overflowing
> the entry bounds. This means that after cycling around the buffer of hostdb
> once, inserts of this type would start overwriting the first N-72 bytes of
> the next entry-- causing all sorts of corruption (and crashes-- likely the
> cause of TS-4207).
> To fix this issue we should at a minimum have MultiCache verify the item size
> before inserting it (should be easily added for the one where size is passed
> --
> https://github.com/apache/trafficserver/blob/master/iocore/hostdb/MultiCache.cc#L1253).
> If we want to support hostnames over the size of a `HostDBInfo` entry, then
> we will need to ensure that we allocate `N/72` blocks to store the hostname
> in, or store them elsewhere.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
