Ticket 10530 - Use after free in _multi_prog_parse
Summary: Use after free in _multi_prog_parse
Status: RESOLVED FIXED
Alias: None
Product: Slurm
Classification: Unclassified
Component: Other (show other tickets)
Version: 21.08.x
Hardware: Linux Linux
: C - Contributions
Assignee: Tim Wickberg
QA Contact:
URL:
Depends on:
Blocks:
 
Reported: 2020-12-31 14:27 MST by Alex Henrie
Modified: 2021-01-04 14:47 MST (History)
0 users

See Also:
Site: University of Utah
Slinky Site: ---
Alineos Sites: ---
Atos/Eviden Sites: ---
Confidential Site: ---
Coreweave sites: ---
Cray Sites: ---
DS9 clusters: ---
Google sites: ---
HPCnow Sites: ---
HPE Sites: ---
IBM Sites: ---
NOAA SIte: ---
NoveTech Sites: ---
Nvidia HWinf-CS Sites: ---
OCF Sites: ---
Recursion Pharma Sites: ---
SFW Sites: ---
SNIC sites: ---
Tzag Elita Sites: ---
Linux Distro: ---
Machine Name:
CLE Version:
Version Fixed: 20.11.3
Target Release: ---
DevPrio: ---
Emory-Cloud Sites: ---

Attachments
Proposed patch (958 bytes, patch)
2020-12-31 14:28 MST, Alex Henrie 		Details | Diff
Show Obsolete (1) Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this ticket.
Description Alex Henrie 2020-12-31 14:27:10 MST 
Currently _multi_prog_parse has the following code:

	free(one_rank);
	hostlist_destroy(hl);
	error("%s: invalid rank id %s",
	      plugin_type, one_rank);

This code can cause a crash by trying to print one_rank after it has been freed.

Bug identified by scan-build <https://clang-analyzer.llvm.org/scan-build.html>
Comment 1 Alex Henrie 2020-12-31 14:28:36 MST 
Created attachment 17307 [details]
Proposed patch

The attached patch fixes the problem.
Comment 2 Tim Wickberg 2021-01-04 10:37:44 MST 
Comment on attachment 17307 [details]
Proposed patch

commit 616cfee01bcd6d0b578e22c3de78123b4e73e2cb
Author:     Alex Henrie <alexhenrie24@gmail.com>
AuthorDate: Thu Dec 31 14:27:45 2020 -0700

    mpi/cray_shasta - fix use after free in _multi_prog_parse().
    
    Bug 10530.
Comment 3 Tim Wickberg 2021-01-04 10:38:04 MST 
Thanks Alex. This will be in 20.11.3 when released.

- Tim
Comment 4 Alex Henrie 2021-01-04 14:47:34 MST 
Thank you!