You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "V. Karthik Kumar (JIRA)" <ji...@apache.org> on 2013/06/09 02:25:19 UTC

[jira] [Commented] (HADOOP-9635) Potential Stack Overflow in DomainSocket.c

    [ https://issues.apache.org/jira/browse/HADOOP-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13678897#comment-13678897 ] 

V. Karthik Kumar commented on HADOOP-9635:
------------------------------------------

{code}
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x0000000000000000
[Switching to process 406 thread 0x1103]
0x00000001094a67fc in Java_org_apache_hadoop_net_unix_DomainSocket_validateSocketPathSecurity0 (env=0x1005004c0, clazz=0x1094a90e9, jstr=0x0, skipComponents=0) at DomainSocket.c:308
308            token && rest[0];
(gdb) bt
#0  0x00000001094a67fc in Java_org_apache_hadoop_net_unix_DomainSocket_validateSocketPathSecurity0 (env=0x1005004c0, clazz=0x1094a90e9, jstr=0x0, skipComponents=0) at DomainSocket.c:308
#1  0x0000000105011eee in ?? ()
#2  0x000000010500685a in ?? ()
#3  0x00000001050069b3 in ?? ()
#4  0x000000010500685a in ?? ()
#5  0x00000001050069b3 in ?? ()
#6  0x000000010500685a in ?? ()
#7  0x000000010500685a in ?? ()
#8  0x000000010500685a in ?? ()
#9  0x00000001050069b3 in ?? ()
#10 0x00000001050069b3 in ?? ()
#11 0x00000001050069b3 in ?? ()
#12 0x000000010500685a in ?? ()
#13 0x0000000105001438 in ?? ()
#14 0x0000000101096a12 in JVM_Lseek ()
#15 0x00000001010967d6 in JVM_Lseek ()
#16 0x00000001010b95d3 in JVM_FindLoadedClass ()
#17 0x00000001010b947b in JVM_FindLoadedClass ()
#18 0x0000000100002cf3 in ?? ()
#19 0x0000000100003240 in ?? ()
#20 0x00007fff9753b7a2 in _pthread_start ()
#21 0x00007fff975281e1 in thread_start ()
(gdb) 
{code}
                
> Potential Stack Overflow in DomainSocket.c
> ------------------------------------------
>
>                 Key: HADOOP-9635
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9635
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: native
>    Affects Versions: 2.3.0
>         Environment: OSX 10.8
>            Reporter: V. Karthik Kumar
>         Attachments: DomainSocket.diff
>
>
> When I was running on OSX, the DataNode was segfaulting. On investigation, it was tracked down to this code. A potential stack overflow was also identified. 
> {code}
>    utfLength = (*env)->GetStringUTFLength(env, jstr);
>    if (utfLength > sizeof(path)) {
>      jthr = newIOException(env, "path is too long!  We expected a path "
>          "no longer than %zd UTF-8 bytes.", sizeof(path));
>      goto done;
>    }
>   // GetStringUTFRegion does not pad with NUL
>    (*env)->GetStringUTFRegion(env, jstr, 0, utfLength, path);
> ...
>   //strtok_r can set rest pointer to NULL when no tokens found.
>   //Causes JVM to crash in rest[0]
>    for (check[0] = '/', check[1] = '\0', rest = path, token = "";
>        token && rest[0];
>         token = strtok_r(rest, "/", &rest)) {
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira