View Issue Details

IDProjectCategoryView StatusLast Update
0000469bareos-core[All Projects] directorpublic2015-11-30 18:43
ReporterahelmckeAssigned To 
PrioritynormalSeveritycrashReproducibilityalways
Status resolvedResolutionfixed 
Product Version14.2.4 
Fixed in Version 
Summary0000469: Dir crashes if media.ScratchPoolId = NULL
DescriptionIf the database contains a media record with ScratchpoolId = NULL the director crashes with segfault.

Patch attached.
Additional InformationAs far as i can see, even if the director does not crash it overwrites the field media.InitialWrite with the ScratchPoolId.

The attached patch also addresses three simular wrong checks (not matching array indices).
TagsNo tags attached.
bareos-master: impactyes
bareos-master: actionfixed
bareos-19.2: impact
bareos-19.2: action
bareos-18.2: impact
bareos-18.2: action
bareos-17.2: impact
bareos-17.2: action
bareos-16.2: impact
bareos-16.2: action
bareos-15.2: impact
bareos-15.2: action
bareos-14.2: impactyes
bareos-14.2: actionfixed
bareos-13.2: impactyes
bareos-13.2: actionwill care
bareos-12.4: impactyes
bareos-12.4: actionwill care

Relationships

child of 0000447 closedjoergs Release bareos-14.2.5 
child of 0000392 closed Release bareos-12.4.8 
child of 0000416 closed Release bareos-13.2.5 

Activities

ahelmcke

ahelmcke

2015-05-19 15:45

reporter  

0001-Wrong-array-indices-while-checking-for-NULL-correcte.patch (2,225 bytes)
From 1d81a75bb0ea0f4857b1485d9295075125ac7365 Mon Sep 17 00:00:00 2001
From: Andreas Helmcke <ahe@helmcke.name>
Date: Tue, 19 May 2015 14:41:07 +0200
Subject: [PATCH] Wrong array indices while checking for NULL corrected.

---
 src/cats/sql_get.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/cats/sql_get.c b/src/cats/sql_get.c
index cfa87bd..455aeff 100644
--- a/src/cats/sql_get.c
+++ b/src/cats/sql_get.c
@@ -331,8 +331,8 @@ bool db_get_job_record(JCR *jcr, B_DB *mdb, JOB_DBR *jr)
       jr->JobId = str_to_int64(row[16]);
    }
    jr->FileSetId = str_to_int64(row[17]);
-   bstrncpy(jr->cSchedTime, (row[3] != NULL) ? row[18] : "", sizeof(jr->cSchedTime));
-   bstrncpy(jr->cRealEndTime, (row[3] != NULL) ? row[19] : "", sizeof(jr->cRealEndTime));
+   bstrncpy(jr->cSchedTime, (row[18] != NULL) ? row[18] : "", sizeof(jr->cSchedTime));
+   bstrncpy(jr->cRealEndTime, (row[19] != NULL) ? row[19] : "", sizeof(jr->cRealEndTime));
    jr->ReadBytes = str_to_int64(row[20]);
    jr->StartTime = str_to_utime(jr->cStartTime);
    jr->SchedTime = str_to_utime(jr->cSchedTime);
@@ -1075,13 +1075,13 @@ bool db_get_media_record(JCR *jcr, B_DB *mdb, MEDIA_DBR *mr)
             mr->EndFile = str_to_uint64(row[23]);
             mr->EndBlock = str_to_uint64(row[24]);
             mr->LabelType = str_to_int64(row[25]);
-            bstrncpy(mr->cLabelDate, (row[26] != NULL) ? row[27] : "", sizeof(mr->cLabelDate));
+            bstrncpy(mr->cLabelDate, (row[26] != NULL) ? row[26] : "", sizeof(mr->cLabelDate));
             mr->LabelDate = (time_t)str_to_utime(mr->cLabelDate);
             mr->StorageId = str_to_int64(row[27]);
             mr->Enabled = str_to_int64(row[28]);
             mr->LocationId = str_to_int64(row[29]);
             mr->RecycleCount = str_to_int64(row[30]);
-            bstrncpy(mr->cInitialWrite, (row[31] != NULL) ? row[32] : "", sizeof(mr->cInitialWrite));
+            bstrncpy(mr->cInitialWrite, (row[31] != NULL) ? row[31] : "", sizeof(mr->cInitialWrite));
             mr->InitialWrite = (time_t)str_to_utime(mr->cInitialWrite);
             mr->ScratchPoolId = str_to_int64(row[32]);
             mr->RecyclePoolId = str_to_int64(row[33]);
-- 
2.1.4

mvwieringen

mvwieringen

2015-05-19 18:41

developer   ~0001731

Fix committed to bareos master branch with changesetid 5244.
mvwieringen

mvwieringen

2015-05-29 18:06

developer   ~0001761

Fix committed to bareos bareos-14.2 branch with changesetid 5354.
mvwieringen

mvwieringen

2015-11-18 11:07

developer   ~0001986

Fix committed to bareos bareos-13.2 branch with changesetid 5836.
mvwieringen

mvwieringen

2015-11-19 00:10

developer   ~0001997

Fix committed to bareos bareos-12.4 branch with changesetid 5866.

Related Changesets

bareos: master 9af8ab14

2015-05-19 14:41:07

ahelmcke


Committer: mvwieringen

Ported: N/A

Details Diff
Dir crashes if media.ScratchPoolId = NULL

Wrong array indices while checking for NULL corrected.

Fixes 0000469: Dir crashes if media.ScratchPoolId = NULL

Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
Affected Issues
0000469
mod - AUTHORS Diff File
mod - src/cats/sql_get.c Diff File

bareos: bareos-14.2 a9a004ac

2015-05-19 14:41:07

ahelmcke


Committer: mvwieringen

Ported: N/A

Details Diff
Dir crashes if media.ScratchPoolId = NULL

Wrong array indices while checking for NULL corrected.

Fixes 0000469: Dir crashes if media.ScratchPoolId = NULL

Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
Affected Issues
0000469
mod - AUTHORS Diff File
mod - src/cats/sql_get.c Diff File

bareos: bareos-13.2 235a2e7f

2015-05-19 14:41:07

ahelmcke


Committer: mvwieringen

Ported: N/A

Details Diff
Dir crashes if media.ScratchPoolId = NULL

Wrong array indices while checking for NULL corrected.

Fixes 0000469: Dir crashes if media.ScratchPoolId = NULL

Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
Affected Issues
0000469
mod - AUTHORS Diff File
mod - src/cats/sql_get.c Diff File

bareos: bareos-12.4 f01b5356

2015-05-19 14:41:07

ahelmcke


Committer: mvwieringen

Ported: N/A

Details Diff
Dir crashes if media.ScratchPoolId = NULL

Wrong array indices while checking for NULL corrected.

Fixes 0000469: Dir crashes if media.ScratchPoolId = NULL

Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
Affected Issues
0000469
mod - AUTHORS Diff File
mod - src/cats/sql_get.c Diff File

Issue History

Date Modified Username Field Change
2015-05-19 15:45 ahelmcke New Issue
2015-05-19 15:45 ahelmcke File Added: 0001-Wrong-array-indices-while-checking-for-NULL-correcte.patch
2015-05-19 17:28 mvwieringen Assigned To => mvwieringen
2015-05-19 17:28 mvwieringen Status new => assigned
2015-05-19 17:46 mvwieringen bareos-master: impact => yes
2015-05-19 17:46 mvwieringen bareos-master: action => will care
2015-05-19 17:46 mvwieringen bareos-14.2: impact => yes
2015-05-19 17:46 mvwieringen bareos-14.2: action => will care
2015-05-19 17:50 mvwieringen bareos-13.2: impact => yes
2015-05-19 17:50 mvwieringen bareos-13.2: action => will care
2015-05-19 17:50 mvwieringen bareos-12.4: impact => yes
2015-05-19 17:50 mvwieringen bareos-12.4: action => will care
2015-05-19 18:41 mvwieringen Changeset attached => bareos master 9af8ab14
2015-05-19 18:41 mvwieringen Note Added: 0001731
2015-05-19 18:41 mvwieringen Status assigned => resolved
2015-05-19 18:41 mvwieringen Resolution open => fixed
2015-05-27 12:34 joergs Relationship added child of 0000447
2015-05-27 12:35 joergs bareos-master: action will care => fixed
2015-05-29 18:06 mvwieringen Changeset attached => bareos bareos-14.2 a9a004ac
2015-05-29 18:06 mvwieringen Note Added: 0001761
2015-06-01 16:19 joergs bareos-14.2: action will care => fixed
2015-10-02 20:10 mvwieringen adm Assigned To mvwieringen =>
2015-10-02 20:10 mvwieringen adm Status resolved => closed
2015-11-18 11:07 mvwieringen Changeset attached => bareos bareos-13.2 235a2e7f
2015-11-18 11:07 mvwieringen Note Added: 0001986
2015-11-18 11:07 mvwieringen Status closed => resolved
2015-11-19 00:10 mvwieringen Changeset attached => bareos bareos-12.4 f01b5356
2015-11-19 00:10 mvwieringen Note Added: 0001997
2015-11-30 18:40 joergs Relationship added child of 0000392
2015-11-30 18:43 joergs Relationship added child of 0000416