From e0fe2628f77fb671e83b2391de4cbe5745182ea7 Mon Sep 17 00:00:00 2001
From: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Date: Fri, 15 Mar 2019 15:58:47 +0530
Subject: [PATCH] rpc: fix heap-buffer-overflow reported by asan

=================================================================
==11250==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000002219 at pc 0x7f4da51871ac bp 0x7f4da07fb17
0 sp 0x7f4da07fa918
READ of size 10 at 0x602000002219 thread T3
    #0 0x7f4da51871ab  (/lib64/libasan.so.5+0xba1ab)
    #1 0x470883 in block_create_v2_1_svc_st /root/gluster-block/rpc/block_svc_routines.c:4517
    #2 0x481ee2 in block_create_v2_1_svc /root/gluster-block/rpc/block_svc_routines.c:5340
    #3 0x40c6cb in gluster_block_1 /root/gluster-block/rpc/rpcl/block_svc.c:99
    #4 0x7f4da4ee4198 in svc_getreq_common (/lib64/libtirpc.so.3+0x18198)
    #5 0x7f4da4ee4336 in svc_getreq_poll (/lib64/libtirpc.so.3+0x18336)
    #6 0x7f4da4ee6b6d in svc_run (/lib64/libtirpc.so.3+0x1ab6d)
    #7 0x405d2d in glusterBlockServerThreadProc /root/gluster-block/daemon/gluster-blockd.c:197
    #8 0x7f4da50a158d in start_thread (/lib64/libpthread.so.0+0x858d)
    #9 0x7f4da4e036a2 in clone (/lib64/libc.so.6+0xfd6a2)

0x602000002219 is located 0 bytes to the right of 9-byte region [0x602000002210,0x602000002219)
allocated by thread T3 here:
    #0 0x7f4da51bce10 in calloc (/lib64/libasan.so.5+0xefe10)
    #1 0x7f4da4eeb18f in xdr_bytes (/lib64/libtirpc.so.3+0x1f18f)

Thread T3 created by T0 here:
    #0 0x7f4da511ff63 in __interceptor_pthread_create (/lib64/libasan.so.5+0x52f63)
    #1 0x40bbc1 in main /root/gluster-block/daemon/gluster-blockd.c:600
    #2 0x7f4da4d2a412 in __libc_start_main (/lib64/libc.so.6+0x24412)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib64/libasan.so.5+0xba1ab)

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
---
 rpc/block_svc_routines.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rpc/block_svc_routines.c b/rpc/block_svc_routines.c
index 5013f89..a524aba 100644
--- a/rpc/block_svc_routines.c
+++ b/rpc/block_svc_routines.c
@@ -4516,7 +4516,7 @@ block_create_v2_1_svc_st(blockCreate2 *blk, struct svc_req *rqstp)
   convertTypeCreate2ToCreate(blk, &blk_v1);
 
   if (len > 0 && len <= HOST_NAME_MAX) {
-    if (strcmp(blk->xdata.xdata_val, "localhost")) {
+    if (strncmp(blk->xdata.xdata_val, "localhost", 9)) {
       if (GB_ALLOC_N(volServer, len) < 0)
         goto err;
       strncpy(volServer, blk->xdata.xdata_val, len);