Bug #3574
Closed
Using checkgenericfilecontent Technique with 16Ko content leads to error
Description
With Rudder 2.6 (CFEngine 3.4.4), using a very, very large content for file edition leads to a nasty stacktrace on the agent side:
*** buffer overflow detected ***: /var/rudder/cfengine-community/bin/cf-promises terminated
Aborted (core dumped)
Attached is the content I used as a file content
Note : it used to work on Rudder 2.5
Updated by Nicolas CHARLES over 11 years ago
Problem exists on every distrib (ubuntu, debian, sles, centos), only with CFEngine 3.4.4
Updated by Nicolas CHARLES over 11 years ago
Ticket opened on cfengine bugtracker : https://cfengine.com/dev/issues/2562
Updated by Nicolas CHARLES over 11 years ago
On CFEngine 3.2.4, the limit was 8192, and was gracefully enforced (no buffer overflow)
It seems there's something odd there, as http://www.rudder-project.org/redmine/issues/2738 says the issue arises with string between 4096 and 8192, but testing with 3.2.4 doesn't show this behaviour, and 3.4 shows it (so that's opposite to what is stated in the tickets)
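An added example, not part of the ticket and not CFEngine's code: a bounded string expansion in C that enforces a fixed output limit by returning an error instead of writing past the buffer, which is the graceful behaviour the comment above describes for 3.2.4. The `EXAMPLE_EXPANDSIZE` constant, the `$(v)` placeholder and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed limit for this example; the ticket cites 8192 for CFEngine 3.2.4. */
#define EXAMPLE_EXPANDSIZE 8192

/* Append n bytes to dst (capacity cap, current length *len); refuse rather than overflow. */
static int bounded_append(char *dst, size_t cap, size_t *len, const char *src, size_t n)
{
    if (n >= cap - *len) return -1;   /* one byte is always kept for the terminator */
    memcpy(dst + *len, src, n);
    *len += n;
    dst[*len] = '\0';
    return 0;
}

/* Replace every "$(v)" (hypothetical placeholder) in tmpl with value; -1 if it does not fit. */
static long expand_template(char *out, size_t cap, const char *tmpl, const char *value)
{
    size_t len = 0, vlen = strlen(value);
    if (cap == 0) return -1;
    out[0] = '\0';
    while (*tmpl) {
        const char *ref = strstr(tmpl, "$(v)");
        size_t lit = ref ? (size_t)(ref - tmpl) : strlen(tmpl);
        if (bounded_append(out, cap, &len, tmpl, lit) != 0 ||
            (ref && bounded_append(out, cap, &len, value, vlen) != 0)) {
            out[0] = '\0';            /* never hand back a truncated result */
            return -1;
        }
        tmpl += lit + (ref ? 4 : 0);
    }
    return (long)len;
}

/* Constructed input: n filler bytes used as the value of v, expanded into a fixed buffer. */
static long try_content(size_t n)
{
    static char value[32768], out[EXAMPLE_EXPANDSIZE];
    if (n >= sizeof value) return -1;
    memset(value, 'A', n);
    value[n] = '\0';
    return expand_template(out, sizeof out, "content: $(v)\n", value);
}

int main(void)
{
    size_t sizes[] = { 4096, 8181, 8182, 16384 };  /* the last two exceed the limit */
    for (size_t i = 0; i < 4; i++)
        printf("%zu bytes -> %ld\n", sizes[i], try_content(sizes[i]));
    return 0;
}
```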
Updated by Nicolas CHARLES over 11 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Nicolas CHARLES to Jonathan CLARKE
- Pull Request set to https://github.com/Normation/rudder-packages/pull/58
Fixing CFEngine code to have a similar behaviour as CFEngine 3.2
Updated by Nicolas CHARLES over 11 years ago
- Project changed from 24 to 34
- Category deleted (Techniques)
Updated by Nicolas CHARLES over 11 years ago
I've made further checks on when the bug applies
On CFEngine 3.2.4, 3.3.0 to 3.3.9, using string > 4096 (but < 8192) works
With any CFEngine 3.4.x version, it fails with string > 4096
Updated by Nicolas CHARLES over 11 years ago
The commit that introduces the error is 09613d on CFEngine
Updated by Nicolas CHARLES over 11 years ago
Hum, I tried to see what was wrong, without much success... there ought to be some gdb involved here to see what causes the error in the commit (after toying a bit with it, I suspect it calls another method that was already there that fails)
Updated by Nicolas CHARLES over 11 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset commit:afd145881033096dddda03f0a4e0b134080de1e0.
Updated by Jonathan CLARKE over 11 years ago
Applied in changeset commit:f2a2e7489ed78db2f84e35954ef6e2e94efc53a7.
Updated by Nicolas CHARLES over 11 years ago
Hum, unfortunately, this corrupts the client-server communication if both don't have the same BUFSIZE
The AuthenticationDialogue methods in server.c rely a lot on CF_BUFSIZE, and there seems to be something fishy there that needs to be carefully treated
It won't go in 2.6.1, I'm sorry :(
Updated by Nicolas CHARLES over 11 years ago
- Status changed from Pending release to In progress
- Target version changed from 2.6.1 to 2.6.2
I've reverted this commit; as it borked client-server com
Updated by Dennis Cabooter over 11 years ago
Unfortunately this is a big show stopper as I'm not able to use 2.6 now at all.
Updated by Nicolas PERRON over 11 years ago
- Target version changed from 2.6.2 to 2.6.3
Updated by Nicolas PERRON over 11 years ago
- Target version changed from 2.6.3 to 2.6.4
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.4 to 2.6.5
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.5 to 2.6.6
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.6 to 2.6.7
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.7 to 2.4.11
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.4.11 to 2.6.8
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.8 to 2.6.9
Updated by Nicolas PERRON about 11 years ago
- Target version changed from 2.6.9 to 2.6.10
Updated by Vincent MEMBRÉ almost 11 years ago
- Target version changed from 2.6.10 to 2.6.11
Updated by Vincent MEMBRÉ over 10 years ago
- Target version changed from 2.6.11 to 2.6.12
Updated by Vincent MEMBRÉ over 10 years ago
- Target version changed from 2.6.12 to 2.6.13
Updated by Vincent MEMBRÉ over 10 years ago
- Target version changed from 2.6.13 to 2.6.14
Updated by Jonathan CLARKE over 10 years ago
- Target version changed from 2.6.14 to 2.6.16
Updated by Jonathan CLARKE over 10 years ago
- Target version changed from 2.6.16 to 2.6.17
Updated by Nicolas PERRON over 10 years ago
- Target version changed from 2.6.17 to 2.6.18
Updated by Matthieu CERDA about 10 years ago
- Target version changed from 2.6.18 to 2.6.19
Updated by Vincent MEMBRÉ about 10 years ago
- Target version changed from 2.6.19 to 2.6.20
Updated by François ARMAND almost 10 years ago
- Status changed from In progress to 8
- Assignee changed from Jonathan CLARKE to Nicolas CHARLES
- Target version changed from 2.6.20 to 2.10.10
Nicolas, could you please tell us the status of that one on 2.10 and up ?
Updated by Nicolas CHARLES almost 10 years ago
It is still failing in 2.10, at promise generation
expand.c:287: ProgrammingError: ExpandAndMapIteratorsFromScalar called with invalid strlen
it works on 2.11 with a file larger than 8K (didn't try more)
I must admit I didn't know it was working in 2.11 ...
Updated by François ARMAND almost 10 years ago
Is it the same for #2738 (ie, works on 2.11/3.0 ?)
If so, could you update the bugs to state that in the title, perhaps close one (they seem to be similar, but not sure) ? That would be such good news.
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 2.10.10 to 2.10.11
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.11 to 2.10.12
Updated by Benoît PECCATTE over 9 years ago
- Project changed from 34 to Rudder
- Category set to Packaging
Updated by Nicolas CHARLES over 9 years ago
- Status changed from 8 to Pending release
Applied in changeset rudder-packages|commit:afd145881033096dddda03f0a4e0b134080de1e0.
Updated by Jonathan CLARKE over 9 years ago
Applied in changeset rudder-packages|commit:f2a2e7489ed78db2f84e35954ef6e2e94efc53a7.
Updated by Vincent MEMBRÉ over 9 years ago
- Status changed from Pending release to New
- Reproduced set to No
- Found in version(s) old 2.6.1 added
This was reverted by commit:6f5cfeae and it's still open
Updated by Nicolas CHARLES over 9 years ago
- Subject changed from Using checkgenericfilecontent Technique with very large file content leads to buffer overflow detected to Using checkgenericfilecontent Technique with 4Ko content on 2.10, 8Ko on 2.11 or 16Ko on 3.0 leads to error
Updated title to express the current state of the limitation
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.12 to 2.10.13
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.13 to 2.10.14
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.14 to 2.10.15
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.15 to 2.10.16
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.10.16 to 2.10.17
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.10.17 to 2.10.18
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.10.18 to 2.10.19
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.10.19 to 2.10.20
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 2.10.20 to 2.11.18
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 2.11.18 to 2.11.19
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 2.11.19 to 2.11.20
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 2.11.20 to 2.11.21
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 2.11.21 to 2.11.22
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 2.11.22 to 2.11.23
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 2.11.23 to 2.11.24
Updated by Alexis Mousset over 8 years ago
- Category changed from Packaging to Agent
Updated by Alexis Mousset over 8 years ago
- Subject changed from Using checkgenericfilecontent Technique with 4Ko content on 2.10, 8Ko on 2.11 or 16Ko on 3.0 leads to error to Using checkgenericfilecontent Technique with 8Ko on 2.11 or 16Ko on >=3.0 leads to error
- Assignee deleted (Nicolas CHARLES)
We now (3.1) have a clearer error message, without crashing, when checking the promises:
cf-promise check fails for promises generated at '/var/rudder/share/ff80680f-d3d9-0000-020a-a8a888000000/rules.new/cfengine-community' ⇨ input buffer overflow, can't enlarge buffer because scanner uses REJECT
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 2.11.24 to 308
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 308 to 3.1.14
Updated by Alexis Mousset about 8 years ago
- Subject changed from Using checkgenericfilecontent Technique with 8Ko on 2.11 or 16Ko on >=3.0 leads to error to Using checkgenericfilecontent Technique with 16Ko content leads to error
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.14 to 3.1.15
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.15 to 3.1.16
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.16 to 3.1.17
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 3.1.17 to 3.1.18
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 3.1.18 to 3.1.19
Updated by Benoît PECCATTE over 7 years ago
- Status changed from New to Rejected
This is solved in recent cfengine versions.