From ab9b928873024bbc44c941d2ded1b7371f443dd6 Mon Sep 17 00:00:00 2001 From: David Spisla Date: Wed, 6 Mar 2019 12:21:18 +0100 Subject: WORM-Xlator: Maybe integer overflow when computing new atime The structs worm_reten_state_t and read_only_priv_t from read-only.h are using uint64_t values to store periods of retention and autocommmit. This seems to be dangerous since in worm-helper.c the function worm_set_state computes in line 97: stbuf->ia_atime = time(NULL) + retention_state->ret_period; stbuf->ia_atime is using int64_t because of the settings of struct iattr. So if there is a very very high retention period stored, there is maybe an integer overflow. What can be the solution? Using int64_t instead if uint64_t may reduce the probability of the occurance. Change-Id: Id1e86c6b20edd53f171c4cfcb528804ba7881f65 fixes: bz#1685944 Signed-off-by: David Spisla --- libglusterfs/src/libglusterfs.sym | 4 ++++ xlators/features/read-only/src/read-only.h | 8 ++++---- xlators/features/read-only/src/worm.c | 8 ++++---- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/libglusterfs/src/libglusterfs.sym b/libglusterfs/src/libglusterfs.sym index 4466a5eee9a..0d1142dea76 100644 --- a/libglusterfs/src/libglusterfs.sym +++ b/libglusterfs/src/libglusterfs.sym @@ -1107,10 +1107,12 @@ xlator_option_init_percent xlator_option_init_percent_or_size xlator_option_init_size xlator_option_init_size_uint64 +xlator_option_init_size_int64 xlator_option_init_str xlator_option_init_time xlator_option_init_uint32 xlator_option_init_uint64 +xlator_option_init_int64 xlator_option_init_xlator xlator_option_reconf_bool xlator_option_reconf_int32 @@ -1119,10 +1121,12 @@ xlator_option_reconf_percent xlator_option_reconf_percent_or_size xlator_option_reconf_size xlator_option_reconf_size_uint64 +xlator_option_reconf_size_int64 xlator_option_reconf_str xlator_option_reconf_time xlator_option_reconf_uint32 xlator_option_reconf_uint64 +xlator_option_reconf_int64 xlator_option_reconf_xlator xlator_options_validate xlator_options_validate_list diff --git a/xlators/features/read-only/src/read-only.h b/xlators/features/read-only/src/read-only.h index b959d2a44fb..fc32f82f8c5 100644 --- a/xlators/features/read-only/src/read-only.h +++ b/xlators/features/read-only/src/read-only.h @@ -19,16 +19,16 @@ typedef struct { uint8_t retain : 1; uint8_t legal_hold : 1; uint8_t ret_mode : 1; - uint64_t ret_period; - uint64_t auto_commit_period; + int64_t ret_period; + int64_t auto_commit_period; } worm_reten_state_t; typedef struct { gf_boolean_t readonly_or_worm_enabled; gf_boolean_t worm_file; gf_boolean_t worm_files_deletable; - uint64_t reten_period; - uint64_t com_period; + int64_t reten_period; + int64_t com_period; int reten_mode; time_t start_time; } read_only_priv_t; diff --git a/xlators/features/read-only/src/worm.c b/xlators/features/read-only/src/worm.c index 24196f83931..cc3d15b8b2a 100644 --- a/xlators/features/read-only/src/worm.c +++ b/xlators/features/read-only/src/worm.c @@ -519,8 +519,8 @@ init(xlator_t *this) GF_OPTION_INIT("worm", priv->readonly_or_worm_enabled, bool, out); GF_OPTION_INIT("worm-file-level", priv->worm_file, bool, out); - GF_OPTION_INIT("default-retention-period", priv->reten_period, uint64, out); - GF_OPTION_INIT("auto-commit-period", priv->com_period, uint64, out); + GF_OPTION_INIT("default-retention-period", priv->reten_period, int64, out); + GF_OPTION_INIT("auto-commit-period", priv->com_period, int64, out); GF_OPTION_INIT("retention-mode", reten_mode, str, out); set_reten_mode(priv, reten_mode); GF_OPTION_INIT("worm-files-deletable", priv->worm_files_deletable, bool, @@ -545,10 +545,10 @@ reconfigure(xlator_t *this, dict_t *options) out); GF_OPTION_RECONF("worm-file-level", priv->worm_file, options, bool, out); GF_OPTION_RECONF("default-retention-period", priv->reten_period, options, - uint64, out); + int64, out); GF_OPTION_RECONF("retention-mode", reten_mode, options, str, out); set_reten_mode(priv, reten_mode); - GF_OPTION_RECONF("auto-commit-period", priv->com_period, options, uint64, + GF_OPTION_RECONF("auto-commit-period", priv->com_period, options, int64, out); GF_OPTION_RECONF("worm-files-deletable", priv->worm_files_deletable, options, bool, out); -- cgit