Auth crash fix#6698
Conversation
There was a problem hiding this comment.
Nice catch ! You could just remove this one instead so there is only one call ?
There was a problem hiding this comment.
@dachary nop, PK11_DestroyContext() should be called before this function exit.
There was a problem hiding this comment.
@dachary it's my fault that i misunderstand, you are right, just removing PK11_DestroyContext() is enough. I have just updated pull request.
Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
In this case(e.g. user passes wrong key), attempts to call the CryptoKey.ckh will lead to a segfault.
This patch fixes crash issue like following:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffed10e700 (LWP 25051)]
0x00007ffff59896c6 in CryptoKey::encrypt (this=0x7fffed10d4f0, cct=0x555555829c30, in=..., out=..., error=0x7fffed10d440) at auth/cephx/../Crypto.h:110
110 return ckh->encrypt(in, out, error);
(gdb) bt
at auth/cephx/../Crypto.h:110
at auth/cephx/CephxProtocol.h:464
Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
254d781 to
a7f520c
Compare
|
This passed a test run. I'd still like to see a simple test before merging it, though, since this failure/error path is very easy to break later. I think you can put a simple test case in, say, src/test/mon/misc.sh, and verify it by running the script with a ./vstart.sh environment (or via make check). |
Signed-off-by: Dunrong Huang <riegamaths@gmail.com>
|
hi @liewegas , I just add a test to detect the error as you suggested, and verify it in different case, could you have a look at and merge it if there is nothing wrong? |
auth: fix crash when bad keyring is passed Reviewed-by: Sage Weil <sage@redhat.com>
|
@mtanski can you make a bug for backporting it? (reference this pr, set the status to "Pending Backport" and the backport field to infernalis (and maybe hammer too)) |
No description provided.