[tickets] [opensaf:tickets] #719 AMFD: Invalid read when deleting a node from a node group

Tue, 04 Feb 2014 00:58:34 -0800 

changeset:   4890:9ec8f6cee807
branch:      opensaf-4.3.x
tag:         tip
parent:      4880:15ffd206d67b
user:        Hans Nordeback <[email protected]>
date:        Tue Feb 04 09:39:09 2014 +0100
summary:     amfd: fix out-of-bounds read from nodelist array [#719]

changeset:   4889:83d317c23ae7
branch:      opensaf-4.2.x
parent:      4879:4b68adad7e61
user:        Hans Nordeback <[email protected]>
date:        Tue Feb 04 09:39:09 2014 +0100
summary:     amfd: fix out-of-bounds read from nodelist array [#719]

changeset:   4888:b5fadff61e11
parent:      4886:d6dcea24eb3d
user:        Hans Nordeback <[email protected]>
date:        Tue Feb 04 09:26:05 2014 +0100
summary:     amfd: fix out-of-bounds read from nodelist array [#719]

changeset:   4887:f6f2cbd1cc13
branch:      opensaf-4.4.x
parent:      4885:2d63b760834b
user:        Hans Nordeback <[email protected]>
date:        Tue Feb 04 09:26:05 2014 +0100
summary:     amfd: fix out-of-bounds read from nodelist array [#719]



---

** [tickets:#719] AMFD: Invalid read when deleting a node from a node group**

**Status:** review
**Created:** Wed Jan 15, 2014 05:35 AM UTC by Gary Lee
**Last Updated:** Tue Jan 28, 2014 06:17 AM UTC
**Owner:** Gary Lee

When deleting a node from a node group, valgrind sometimes reports an invalid 
read.

Possible solution:

Ensure we don't try to read beyond our array, if the removed node happens to be 
the last element in the array.

~~~~
diff --git a/osaf/services/saf/amf/amfd/nodegroup.cc 
b/osaf/services/saf/amf/amfd/nodegroup.cc
--- a/osaf/services/saf/amf/amfd/nodegroup.cc
+++ b/osaf/services/saf/amf/amfd/nodegroup.cc
@@ -509,7 +509,7 @@
 
                        TRACE("found node %s", ng->saAmfNGNodeList[j].value);
 
-                       for (; j < ng->number_nodes; j++)
+                       for (; j < (ng->number_nodes - 1); j++)
                                ng->saAmfNGNodeList[j] = ng->saAmfNGNodeList[j 
+ 1];
~~~~


---

Sent from sourceforge.net because [email protected] is 
subscribed to https://sourceforge.net/p/opensaf/tickets/

To unsubscribe from further messages, a project admin can change settings at 
https://sourceforge.net/p/opensaf/admin/tickets/options.  Or, if this is a 
mailing list, you can unsubscribe from the mailing list.
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets

Reply via email to