Mistakenly I sent older patch.
New one is attached to this mail.
Masatake YAMATO
On Thu, 05 Feb 2015 18:57:58 +0900 (JST), Masatake YAMATO <yamato@xxxxxxxxxx> wrote:
> Is fence-virt still maintained?
> I cannot find the git repository for it.
> There is one at sf.net. However, it looks obsoleted.
>
> With my broken configuration, I got following debug output from
> fence_xvm...
>
> # fence_xvm -H targethost -o status -dddddd
> Debugging threshold is now 6
> -- args @ 0x7fff762de810 --
> ...
> Opening /dev/urandom
> Sending to 225.0.0.12 via 192.168.122.113
> Waiting for connection from XVM host daemon.
> Issuing TCP challenge
>> read: Is a directory
> Invalid response to challenge
> Operation failed
>
> Look at the line marked with '>'. The error message is strange for me
> because as far as reading the source code, read is called with a socket connected
> to fence_virtd.
>
> So I conducted a code walking and found two bugs:
>
> 1. Checking the result of read( and write ) system call
>
> perror is called even if the call is successful.
>
> 2. "read" is specified as an argument for perror when write system call is faield.
>
> Both are not critical if fence_virtd is configured well.
> However, users may be confused when it is not well.
>
>
> Followig patch is not tested at all but it represents what I want to
> say in above list.
>
> Masatake YAMATO
>
>
> --- fence-virt-0.3.2/common/simple_auth.c 2013-11-05 01:08:35.000000000 +0900
> +++ fence-virt-0.3.2/common/simple_auth.c.new 2015-02-05 18:40:53.471029118 +0900
> @@ -260,9 +260,13 @@
> return 0;
> }
>
> - if (read(fd, response, sizeof(response)) < sizeof(response)) {
> + ret = read(fd, response, sizeof(response));
> + if (ret < 0) {
> perror("read");
> return 0;
> + } else if (ret < sizeof(response)) {
> + fprintf(stderr, "RESPONSE is too short(%d) in %s\n", ret, __FUNCTION__);
> + return 0;
> }
>
> ret = !memcmp(response, hash, sizeof(response));
> @@ -333,7 +337,7 @@
> HASH_Destroy(h);
>
> if (write(fd, hash, sizeof(hash)) < sizeof(hash)) {
> - perror("read");
> + perror("write");
> return 0;
> }
>
--- fence-virt-0.3.2/common/simple_auth.c 2013-11-05 01:08:35.000000000 +0900
+++ fence-virt-0.3.2/common/simple_auth.c.new 2015-02-05 18:54:39.290630085 +0900
@@ -260,9 +260,13 @@
return 0;
}
- if (read(fd, response, sizeof(response)) < sizeof(response)) {
+ ret = read(fd, response, sizeof(response));
+ if (ret < 0) {
perror("read");
return 0;
+ } else if (ret < sizeof(response)) {
+ fprintf(stderr, "RESPONSE is too short(%d) in %s\n", ret, __FUNCTION__);
+ return 0;
}
ret = !memcmp(response, hash, sizeof(response));
@@ -291,6 +295,7 @@
HASHContext *h;
HASH_HashType ht;
unsigned int rlen;
+ int ret;
FD_ZERO(&rfds);
FD_SET(fd, &rfds);
@@ -332,8 +337,12 @@
HASH_End(h, hash, &rlen, sizeof(hash));
HASH_Destroy(h);
- if (write(fd, hash, sizeof(hash)) < sizeof(hash)) {
- perror("read");
+ ret = write(fd, hash, sizeof(hash));
+ if (ret < 0) {
+ perror("write");
+ return 0;
+ } else if (ret < sizeof(hash)) {
+ fprintf(stderr, "cannot send full length of RESPONSE(%d) in %s\n", ret, __FUNCTION__);
return 0;
}
--
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster
