From 690ca8207269919e89341a9a49a3cff0e56e344b Mon Sep 17 00:00:00 2001 From: ShyamsundarR Date: Mon, 20 Aug 2018 16:01:47 -0400 Subject: cli: Fix invalid access of option_str variable In function cli_cmd_volume_statedump_options_parse if the wordcount of arguments is exactly 3, then option_str would remain NULL, and hence the function will generate a segmentation fault on the strstr check in its body. This can be triggered when we run the command, `gluster volume statedump ` The fix is to check if option_str is non-NULL before use and also to pass in a duplicated empty string to the dict key "options" when this is NULL. Fixes: bz#1619423 Change-Id: Ic029ab60b64890d92c7a0876a638929495d3aa59 Signed-off-by: ShyamsundarR --- cli/src/cli-cmd-parser.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'cli') diff --git a/cli/src/cli-cmd-parser.c b/cli/src/cli-cmd-parser.c index 16b0cc81cd6..5472b3e8f38 100644 --- a/cli/src/cli-cmd-parser.c +++ b/cli/src/cli-cmd-parser.c @@ -3607,7 +3607,9 @@ cli_cmd_volume_statedump_options_parse (const char **words, int wordcount, goto out; } } - if ((strstr (option_str, "nfs")) && strstr (option_str, "quotad")) { + if (option_str && + (strstr (option_str, "nfs")) && + strstr (option_str, "quotad")) { ret = -1; goto out; } @@ -3619,7 +3621,10 @@ cli_cmd_volume_statedump_options_parse (const char **words, int wordcount, goto out; } - ret = dict_set_dynstr (dict, "options", option_str); + /* dynamic string in dict is freed up when dict is freed up, and hence + if option_str is NULL pass in an duplicate empty string to the same */ + ret = dict_set_dynstr (dict, "options", + (option_str ? option_str : gf_strdup(""))); if (ret) goto out; option_str = NULL; -- cgit