Bug #4594

Updated by Loïc Dachary about 11 years ago

"work in progress":https://github.com/dachary/ceph/commit/wip-4594 

Parsing `\n` in "lfn_parse_object_name":https://github.com/ceph/ceph/blob/e225767384f95cb9b00ef62087278e8c3ece4ba4/src/os/LFNIndex.cc#L900 is implemented with

"out->append('\0');":https://github.com/ceph/ceph/blob/e225767384f95cb9b00ef62087278e8c3ece4ba4/src/os/LFNIndex.cc#L494

which segfaults when using libstdc++ and g++ version 4.6.3 on Debian GNU/Linux.
                                                        
The problem can be reproduced with a single file containing

<pre>
#include <string>

int main() {
  std::string s;
  s.append('\0');  // resolves to append(const char*) with a null pointer, as the backtrace below shows
}
</pre>

When compiled and run with

<pre>
g++ -o a a.cc ; valgrind --tool=memcheck ./a
</pre>

it outputs the following:
  
<pre>
==7446== Invalid read of size 1
==7446==      at 0x40293A2: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7446==      by 0x4AE2C7B: std::string::append(char const*) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17)
==7446==      by 0x400769: main (in /tmp/a)
==7446==    Address 0x0 is not stack'd, malloc'd or (recently) free'd
==7446== Process terminating with default action of signal 11 (SIGSEGV)
==7446==    Access not within mapped region at address 0x0
==7446==      at 0x40293A2: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7446==      by 0x4AE2C7B: std::string::append(char const*) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17)
</pre>

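Added example, not code from the ticket or from Ceph's tree: the backtrace above shows that `append('\0')` selects `std::string::append(char const*)` and hands `strlen` a null pointer, so the NUL byte is instead inserted with the count-and-char overload `append(1, '\0')` and with `push_back`, both of which take a `char` and never touch a pointer. The `unescape_nul` loop is a hypothetical stand-in for the parsing loop in `lfn_parse_object_name` (backslash followed by `n` becomes a NUL, backslash-backslash becomes a backslash); it is not Ceph's actual LFN grammar.

```cpp
#include <cstddef>
#include <string>

// Safe way to put a NUL byte into a std::string: the (count, ch) overload
// takes a char, so there is no char -> const char* conversion and no
// strlen() call on a null pointer.
void append_nul(std::string& out) {
    out.append(1, '\0');
}

// Hypothetical stand-in for the escape-decoding loop (constructed for this
// example, not Ceph's real LFN escaping): "\n" decodes to a NUL byte and
// "\\" to a literal backslash. Returns false on a dangling or unknown escape
// so a malformed name is rejected rather than silently truncated.
bool unescape_nul(const std::string& in, std::string* out) {
    out->clear();
    for (std::size_t i = 0; i < in.size(); ++i) {
        if (in[i] != '\\') {
            out->push_back(in[i]);   // push_back(char) is also pointer-free
            continue;
        }
        if (i + 1 >= in.size()) return false;   // trailing backslash
        switch (in[++i]) {
            case 'n':  append_nul(*out);      break;
            case '\\': out->push_back('\\');  break;
            default:   return false;           // unknown escape
        }
    }
    return true;
}

// std::string carries an explicit length, so embedded NULs survive; this
// counts them to confirm nothing was cut short at the first zero byte.
std::size_t nul_count(const std::string& s) {
    std::size_t n = 0;
    for (char c : s) {
        if (c == '\0') ++n;
    }
    return n;
}
```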