Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-2806

wtperf allocation size off-by-one

    Details

      Description

      When running wtperf with multiple tables, there is an off-by-one error in the size calculation when allocating a buffer to hold the URI:

      ==31246==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000cebf at pc 0x7ffff6ec7b32 bp 0x7fffffffd690 sp 0x7fffffffce20
      WRITE of size 16 at 0x60200000cebf thread T0
          #0 0x7ffff6ec7b31 in vsprintf (/lib64/libasan.so.3+0x8fb31)
          #1 0x7ffff6ec7d62 in sprintf (/lib64/libasan.so.3+0x8fd62)
          #2 0x417863 in create_uris ../../../bench/wtperf/wtperf.c:1879
          #3 0x418bef in start_run ../../../bench/wtperf/wtperf.c:2048
          #4 0x418350 in start_all_runs ../../../bench/wtperf/wtperf.c:1956
          #5 0x41ba08 in main ../../../bench/wtperf/wtperf.c:2425
          #6 0x7ffff5b34730 in __libc_start_main (/lib64/libc.so.6+0x20730)
          #7 0x4034f8 in _start (/mnt/fast/mjc/wt/src/wiredtiger-git/build_posix/bench/wtperf/wtperf+0x4034f8)
       
      0x60200000cebf is located 0 bytes to the right of 15-byte region [0x60200000ceb0,0x60200000cebf)
      allocated by thread T0 here:
          #0 0x7ffff6efefe0 in calloc (/lib64/libasan.so.3+0xc6fe0)
          #1 0x41f543 in dcalloc ../../../test/utility/misc.c:150
          #2 0x417768 in create_uris ../../../bench/wtperf/wtperf.c:1872
          #3 0x418bef in start_run ../../../bench/wtperf/wtperf.c:2048
          #4 0x418350 in start_all_runs ../../../bench/wtperf/wtperf.c:1956
          #5 0x41ba08 in main ../../../bench/wtperf/wtperf.c:2425
          #6 0x7ffff5b34730 in __libc_start_main (/lib64/libc.so.6+0x20730)
      

        Attachments

          Activity

            People

            • Assignee:
              michael.cahill Michael Cahill
              Reporter:
              michael.cahill Michael Cahill
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: