-
Type:
Bug
-
Resolution: Done
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: None
When running wtperf with multiple tables, there is an off-by-one error in the size calculation when allocating a buffer to hold the URI:
==31246==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000cebf at pc 0x7ffff6ec7b32 bp 0x7fffffffd690 sp 0x7fffffffce20
WRITE of size 16 at 0x60200000cebf thread T0
#0 0x7ffff6ec7b31 in vsprintf (/lib64/libasan.so.3+0x8fb31)
#1 0x7ffff6ec7d62 in sprintf (/lib64/libasan.so.3+0x8fd62)
#2 0x417863 in create_uris ../../../bench/wtperf/wtperf.c:1879
#3 0x418bef in start_run ../../../bench/wtperf/wtperf.c:2048
#4 0x418350 in start_all_runs ../../../bench/wtperf/wtperf.c:1956
#5 0x41ba08 in main ../../../bench/wtperf/wtperf.c:2425
#6 0x7ffff5b34730 in __libc_start_main (/lib64/libc.so.6+0x20730)
#7 0x4034f8 in _start (/mnt/fast/mjc/wt/src/wiredtiger-git/build_posix/bench/wtperf/wtperf+0x4034f8)
0x60200000cebf is located 0 bytes to the right of 15-byte region [0x60200000ceb0,0x60200000cebf)
allocated by thread T0 here:
#0 0x7ffff6efefe0 in calloc (/lib64/libasan.so.3+0xc6fe0)
#1 0x41f543 in dcalloc ../../../test/utility/misc.c:150
#2 0x417768 in create_uris ../../../bench/wtperf/wtperf.c:1872
#3 0x418bef in start_run ../../../bench/wtperf/wtperf.c:2048
#4 0x418350 in start_all_runs ../../../bench/wtperf/wtperf.c:1956
#5 0x41ba08 in main ../../../bench/wtperf/wtperf.c:2425
#6 0x7ffff5b34730 in __libc_start_main (/lib64/libc.so.6+0x20730)