[2.1] Fix: libstonithd: avoid use-after-free when retrieving metadata of Linux-HA fence agents #3480

Merged

gao-yan commented May 29, 2024

Backport #3476 and #3492 to 2.1

Regression introduced by acfbd5e (not yet released).

A st_info_fn() may free any existing output buffer every time when it's called like:

https://github.com/ClusterLabs/cluster-glue/blob/5cc622b4/lib/plugins/stonith/external.c#L612

So we should copy the output every time.

…nux-HA fence agents

Regression introduced by acfbd5e (not yet released).

A st_info_fn() may free any existing output buffer every time when it's
called like:

https://github.com/ClusterLabs/cluster-glue/blob/5cc622b4/lib/plugins/stonith/external.c#L612

So we should copy the output every time.

gao-yan force-pushed the use-after-free-metadata-lha-agents-2.1 branch from a7f252b to 569aa41 May 30, 2024 15:28

kgaillot merged commit 09c4d6d into ClusterLabs:2.1 May 30, 2024

1 check passed

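
An added illustration of the buffer-ownership rule described in the pull request above, not code from Pacemaker or cluster-glue: `mock_info()` is a hypothetical stand-in for a plugin's `st_info_fn()` that frees its previous output buffer on every call, and `get_meta_borrowed()`, `get_meta_copied()`, `dup_str()` and the key strings are names invented here. It contrasts a caller that keeps the returned pointers with one that copies each result before calling again.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-in for a plugin's st_info_fn(): it owns one output
 * buffer and frees the previous one on every call. */
static char *plugin_out = NULL;
static int plugin_frees = 0;        /* constructed counter, for the demo only */

const char *mock_info(const char *what)
{
    size_t n = strlen(what) + 3;    /* '[' + what + ']' + NUL */
    if (plugin_out != NULL) {
        free(plugin_out);           /* earlier return values now dangle */
        plugin_frees++;
    }
    plugin_out = malloc(n);
    if (plugin_out != NULL) snprintf(plugin_out, n, "[%s]", what);
    return plugin_out;
}

/* BEFORE (for comparison, never called): *shortdesc is borrowed across the
 * second call and is left pointing at freed memory. */
void get_meta_borrowed(const char **shortdesc, const char **longdesc)
{
    *shortdesc = mock_info("shortdesc");
    *longdesc = mock_info("longdesc");
}

static char *dup_str(const char *s)
{
    char *copy = (s != NULL) ? malloc(strlen(s) + 1) : NULL;
    return (copy != NULL) ? strcpy(copy, s) : NULL;
}

/* AFTER: copy every result before the next call; the caller frees the copies. */
int get_meta_copied(char **shortdesc, char **longdesc)
{
    *shortdesc = dup_str(mock_info("shortdesc"));
    *longdesc = dup_str(mock_info("longdesc"));
    return (*shortdesc != NULL && *longdesc != NULL) ? 0 : -1;
}

int main(void)
{
    char *s = NULL, *l = NULL;
    int rc = get_meta_copied(&s, &l);
    printf("rc=%d short=%s long=%s frees=%d\n", rc, s ? s : "-", l ? l : "-", plugin_frees);
    free(s); free(l);
    return rc;
}
```

Building the borrowed variant with AddressSanitizer and reading `*shortdesc` after the second call reports a heap-use-after-free; the copied variant stays valid however often the plugin is called again.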
bmwiedemann pushed a commit to bmwiedemann/openSUSE that referenced this pull request Jun 11, 2024
… 1179895

https://build.opensuse.org/request/show/1179895
by user yan_gao + anag+factory
- Update to version 2.1.7+20240530.09c4d6d2e:
  - libstonithd: free escaped metadata descriptions with g_free() (bsc#1224869, gh#ClusterLabs/pacemaker#3480)
  - libstonithd: avoid use-after-free when retrieving metadata of Linux-HA fence agents (bsc#1224869, gh#ClusterLabs/pacemaker#3480)

- Update to version 2.1.7+20240529.c7e11c771:
  - libcrmcommon: support PCMK_panic_action="off" or "sync-off"
  - libcrmcommon: avoid possible buffer overflow in pcmk__time_format_hr()
  - libcrmcommon: avoid possible buffer overflow in parse_date()

- Update to version 2.1.7+20240515.39ef08240 (Pacemaker-2.1.8-rc1):
  - ChangeLog: update for 2.1.8-rc1 release

- Update to version 2.1.7+20240514.9d0f30818:
  - scheduler: avoid memory leaks when updating action names
  - libcrmcommon: fix readable interval
  - tools: make c