Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 130 of 808  Not logged in ELOG logo
 Find |  Login |  Help 
 Full | Summary | Threaded | Hide attachments  Show only new entries    6457 Entries 
Goto page Previous  1, 2, 3 ... 129, 130, 131 ... 806, 807, 808   Next  
ID Date Icon Authordown Author Email Category OS ELOG Version Subject
  69502   Tue Mar 29 11:31:55 2022 Reply Stefano Lacaprarastefano.lacaprara@pd.infn.itBug reportLinuxelogd 3.1.4 Re: crash with attachment with very long filename
Hi Stefan,
  

> Hi Stefano,
> 
> well, why in heaven's name do you run 200+ chars file names?

This is a very good question, and I asked the same to my user: the use case is typically that the attachment names are generated programmatcally, and many steps of the script add a string to it, plus sometime the original filename has hiragana or even kanji character.

So, long story short, it has happened in our production environment

The file I'm using was indeed generated from /dev/random, but that was the earies way fo rme to create such long filename.

Backtrace with lines is as follow.

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) where
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007ffff7cf4859 in __GI_abort () at abort.c:79
#2  0x00007ffff7d5f29e in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff7e8908f "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:155
#3  0x00007ffff7e01aea in __GI___fortify_fail (msg=msg@entry=0x7ffff7e89025 "buffer overflow detected") at fortify_fail.c:26
#4  0x00007ffff7e00386 in __GI___chk_fail () at chk_fail.c:28
#5  0x00007ffff7d5707f in _IO_str_chk_overflow (fp=<optimized out>, c=<optimized out>) at iovsprintf.c:35
#6  0x00007ffff7d64054 in __GI__IO_default_xsputn (n=<optimized out>, data=<optimized out>, f=<optimized out>) at libioP.h:948
#7  __GI__IO_default_xsputn (f=0x7ffffff36c70, data=<optimized out>, n=241) at genops.c:370
#8  0x00007ffff7d4912c in __vfprintf_internal (s=s@entry=0x7ffffff36c70, format=format@entry=0x555555622e74 "../%s/%s/%s", ap=ap@entry=0x7ffffff36db0, mode_flags=mode_flags@entry=6) at ../libio/libioP.h:948
#9  0x00007ffff7d57129 in __vsprintf_internal (
    string=0x7ffffff370f0 "../DAQ/220329_090332/IjU4CK54jRBuQhOdUANqC6X8i8x1yoGGKozhtuM2M0Cc8MnauDwSzAs0BiVwAIzyC4TJqmDArrIA9Exja36xXqc6PSUjOE5hkiW1YeG1R9FM64tmdq52vvo1NsqLOk6I02RBlgnQB7hoUQa1fwb8ZdoRo3BJ9WJGq2sErewo8BL9dAZhZF9"..., maxlen=<optimized out>, format=0x555555622e74 "../%s/%s/%s", 
args=args@entry=0x7ffffff36db0, mode_flags=6) at iovsprintf.c:95
#10 0x00007ffff7dffe7b in ___sprintf_chk (s=<optimized out>, flag=<optimized out>, slen=<optimized out>, format=<optimized out>) at sprintf_chk.c:40
#11 0x00005555555a939d in sprintf (__fmt=0x555555622e74 "../%s/%s/%s", __s=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/stdio2.h:36
#12 display_line (lbs=0x55555664b818, message_id=9, number=<optimized out>, mode=0x7ffffffd2b80 "Summary", expand=1, level=0, printable=0, n_line=3, show_attachments=0, show_att_column=1, 
    date=0x7ffffffd2a40 "Tue, 29 Mar 2022 09:03:35 +0000", in_reply_to=0x7ffffffd2a90 "", reply_to=0x7ffffffd3160 "", n_attr_disp=7, disp_attr=0x7ffffff86760, disp_attr_link=0x7ffffff386a0, attrib=0x7ffffff3d380, 
    n_attr=5, text=0x5555567f26f8 "", show_text=1, attachment=0x7ffffff3a180, encoding=0x7ffffffd2ae0 "plain", select=0, n_display=0x7ffffff38438, locked_by=0x7ffffffd2d60 "", highlight=0, re_buf=0x7ffffff38840, 
    highlight_mid=0, absolute_link=0, draft=0x7ffffffd2f60 "") at src/elogd.c:18214
#13 0x00005555555ddc8a in show_elog_list (lbs=<optimized out>, past_n=<optimized out>, last_n=<optimized out>, page_n=<optimized out>, default_page=<optimized out>, info=<optimized out>) at src/elogd.c:21741
#14 0x00005555556010cf in interprete (lbook=<optimized out>, path=<optimized out>) at src/elogd.c:28362
#15 0x0000555555601a33 in decode_get (logbook=0x7fffffffbda0 "DAQ", string=<optimized out>) at src/elogd.c:28401
#16 0x000055555560461f in process_http_request (request=<optimized out>, i_conn=<optimized out>) at src/elogd.c:29209
#17 0x0000555555607745 in server_loop () at src/elogd.c:30233
#18 0x000055555555a92c in main (argc=<optimized out>, argv=<optimized out>) at src/elogd.c:31258


I'm not using the latest git version, but elog-3.1.4-3 from tar-ball, as I'm not able to compile elog from git
Is there any special thing I have to do?

In file included from src/auth.cxx:30:
src/elogd.h:282:40: note:   initializing argument 2 of ‘int get_user_line(LOGBOOK*, char*, char*, char*, char*, BOOL*, time_t*, int*)’
  282 | int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email,
      |                                  ~~~~~~^~~~
make: *** [Makefile:140: auth.o] Error 1

thanks for your help.

Stefano


I see that they are generated probably automatically, but I guess you will run in all kinds of other problems in doing that.
> 
> I had a check with elogd. I found one buffer overflow once you delete an attachment with a long file name. I fixed that and committed the change.
> 
> Concerning your crash, I was not able to reproduce it. Used a 255 char long filename, and could NOT crash elogd. Maybe you have an oder version or some special config options which
> trigger that crash. Try with the newest git version and a minimal elogd.cfg configuration. Please also add line numbers during compilation (-g -o0 flags) so that I can better analyze
> your backtrace. Best would be if I could reproduce your error.
> 
> Best,
> Stefan
> 
> 
> 
> > Hi,
> >   I'm running 
> > elogd 3.1.4 built Jan 27 2021, 09:56:34 revision 395e101a
> > on an ubuntu server.
> > 
> > I have a crash when very long filename (200 chars) are attached to an logbook entry.
> > 
> > The uploading of the attachment works almost fine: the filename is truncated and the convert to thumbnail is not working (as a consequence, maybe) but the file is actually uploaded and can be 
> > downloaded correctly from the entry itself.
> > 
> > However, if I try to access the logbook list which contains that entry, I have a crash:
> > 
> > *** buffer overflow detected ***: terminated
> > Aborted (core dumped)
> > 
> > [backtrace is attached below]
> > 
> > The only way I found to solve this is to edit manually the log entry and delete the attachment from it.
> > 
> > Any suggestion how to solve this?
> > 
> > Thanks
> >   Stefano
> > 
> > 
> > *** buffer overflow detected ***: terminated
> > 
> > Program received signal SIGABRT, Aborted.
> > __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
> > 50	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
> > (gdb) bp
> > Undefined command: "bp".  Try "help".
> > (gdb) backtrace 
> > #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
> > #1  0x00007ffff7cf4859 in __GI_abort () at abort.c:79
> > #2  0x00007ffff7d5f29e in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7ffff7e8908f "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:155
> > #3  0x00007ffff7e01aea in __GI___fortify_fail (msg=msg@entry=0x7ffff7e89025 "buffer overflow detected") at fortify_fail.c:26
> > #4  0x00007ffff7e00386 in __GI___chk_fail () at chk_fail.c:28
> > #5  0x00007ffff7d5707f in _IO_str_chk_overflow (fp=<optimized out>, c=<optimized out>) at iovsprintf.c:35
> > #6  0x00007ffff7d64054 in __GI__IO_default_xsputn (n=<optimized out>, data=<optimized out>, f=<optimized out>) at libioP.h:948
> > #7  __GI__IO_default_xsputn (f=0x7ffffff36ca0, data=<optimized out>, n=241) at genops.c:370
> > #8  0x00007ffff7d4912c in __vfprintf_internal (s=s@entry=0x7ffffff36ca0, format=format@entry=0x555555622e74 "../%s/%s/%s", ap=ap@entry=0x7ffffff36de0, mode_flags=mode_flags@entry=6)
> >     at ../libio/libioP.h:948
> > #9  0x00007ffff7d57129 in __vsprintf_internal (
> >     string=0x7ffffff37120 
> > "../DAQ/220325_090630/j5K1OSy8XN9FRPriaBGOmMg3bih07CQKo68Sw6dskclxdOqKaTOsf2bX8UugSWn0s8zaAHe6VWiPcQVnmD8PM1tbQoVMr08dBrXKU2X2tBR4pJ3hlfxbKjspmcbiDTMy32eHIp6lFAVA9lppShmpiut4g4CtgDK3F2bOPzgzXEjPw
> > W0SJWG"..., maxlen=<optimized out>, format=0x555555622e74 "../%s/%s/%s", args=args@entry=0x7ffffff36de0, mode_flags=6) at iovsprintf.c:95
> > #10 0x00007ffff7dffe7b in ___sprintf_chk (s=<optimized out>, flag=<optimized out>, slen=<optimized out>, format=<optimized out>) at sprintf_chk.c:40
> > #11 0x00005555555a939d in display_line ()
> > #12 0x00005555555ddc8a in show_elog_list ()
> > #13 0x00005555556010cf in interprete ()
> > #14 0x0000555555601a33 in decode_get ()
> > #15 0x000055555560461f in process_http_request ()
> > #16 0x0000555555607745 in server_loop ()
> > #17 0x000055555555a92c in main ()
  69772   Mon Apr 8 10:49:10 2024 Entry Stefano Lacaprarastefano.lacaprara@pd.infn.itQuestionLinuxELOG V3.1.4-395today date in template
Hello,
  I am using template for some elogbook entries.

Is is possible to automatically change the template using the actual date in some filed. 

Something like: the template has a place-holder <start date> and this is replaced with today's date when a new entry is created.

I already have a "date" filed which is automatically filled, but I've been asked to have the date also in the template.

Thanks in advance
Stefano
  68505   Thu Dec 15 14:44:32 2016 Reply Stefano Bonaldostefano.bonaldo.13@gmail.comBug reportMac OSX3.1.2Re: elogd crash on sorting the entries by an datetime attribute

Hello Stefan, thanks for your answer. So I made a new logbook, without entries. I generated, as you, two new entries and I discover that this problem come out when in the URL the command for the sorting follow the command of the display mode. So for example the following URL give me the issue:

http://local.host.com:8080/65+nm/?mode=summary&sort=Record+date

But if I put:

http://local.host.com:8080/65+nm/?sort=Record+date&mode=summary

This last URL is working. This means that the issue come out, when I change the dispay mode by the buttons "Full, Summary, Threaded" and then I click on the Coloumn "Record date" for sorting it. Hope you understand and you can reproduce it. Many thanks

EDIT: I'm facing the same problem on another MAC with a fresh installation of elogd.

Stefan Ritt wrote:

I tried your config file on my Mac and it just worked fine without any crash:

Could it be that on entry has corrupt data and is killing your server? Have you tried on a pristine new logbook?

Stefan

stefano bonaldo wrote:

Hello,

I'm facing with a crash, which happen when I sort the entries by a datetime attribute (sort or rsort) and then i change the display mode from Full, Summary and Threaded.

For example, the elogd crashes when I try to connect from the Full display to Summary in sort mode. The issue presents for example by entering with the following URL:

http://host.name.com:8080/65+nm/?mode=summary&sort=Record+date

Can you please help me?

Here I reduced my elogd.cfg at minimum and I still get this issue:

[global]
port = 8080

[65 nm]
Attributes = Record date

Type Record date = datetime
Preset Record date = $date
List Display = Record date
Start page = ?sort=Record date

 

 

  68506   Thu Dec 15 15:04:53 2016 Reply Stefano Bonaldostefano.bonaldo.13@gmail.comQuestionMac OSX3.1.2Re: MacOS install failure - cannot find ssl.h
Currently, in my MacBook Pro with Sierre, the search path /opt/local/include of the prprocessor is not included.

cpp -v
Apple LLVM version 8.0.0 (clang-800.0.38)
Target: x86_64-apple-darwin16.1.0
....
#include "..." search starts here:
#include <...> search starts here:
/usr/local/include
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/8.0.0/include
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include
/usr/include
/System/Library/Frameworks (framework directory)
/Library/Frameworks (framework directory)
  68509   Fri Dec 16 02:44:53 2016 Reply Stefano Bonaldostefano.bonaldo.13@gmail.comBug reportMac OSX3.1.2Re: elogd crash on sorting the entries by an datetime attribute

Hello Alan,

I tried with a new logbook with an attribute without "date" name, but unfortunately I got the same error. Any other suggestions?

Thanks

Alan Grant wrote:

Hi Stefano.

This may or may not have anything to do with your specific problem but I notice you have the single word "date" as part of your attribute name and Date is actually a reserved word in Elog. Although your attribute is not exclusively called "date" I have found that even using "date" as an isolated word within an attribute name (eg: Record date vs Record_date) can cause some issues. In my case, it caused a problem with the elog client when trying to update records which was only resolved when I changed the name of the attribute to Date/Time Received from Date and Time Received. Long story short, I avoid using any reserved words as part of attribute names.

Alan.

stefano bonaldo wrote:

Hello,

I'm facing with a crash, which happen when I sort the entries by a datetime attribute (sort or rsort) and then i change the display mode from Full, Summary and Threaded.

For example, the elogd crashes when I try to connect from the Full display to Summary in sort mode. The issue presents for example by entering with the following URL:

http://host.name.com:8080/65+nm/?mode=summary&sort=Record+date

Can you please help me?

Here I reduced my elogd.cfg at minimum and I still get this issue:

[global]
port = 8080

[65 nm]
Attributes = Record date

Type Record date = datetime
Preset Record date = $date
List Display = Record date
Start page = ?sort=Record date

 

 

  68512   Fri Dec 16 14:44:19 2016 Agree Stefano Bonaldostefano.bonaldo.13@gmail.comBug fixMac OSX3.1.2Re: elogd crash on sorting the entries by an datetime attribute

Bug FIXED! Many thanks Stefan and my warmest congratulations for the elog project.

Stefano

 

Stefan Ritt wrote:

Ok I found it!

Was tricky. In my development environment (XCode) it worked fine. Only when I compiled elogd under Sierra on the command line, the probelm occured. That's why I did not see it earlier. It has to do with some functions Apple apparently changed ("strlcpy"). These function now have a new "functionality": When two parameters overlap, the function just aborts the process. This is specific to Sierre, so on any other Linux this does not happen. I changed now the soruce code to take care of the modified functions, and now it works fine. Please update to the newest GIT revision of elogd and recompile.

Stefan

 

  68676   Tue Aug 22 18:29:02 2017 Question Stefano Bonaldostefano.bonaldo.13@gmail.comQuestionMac OSXv3.1.2Hide logbook tab when not authorized

Hello, I read carefully the manual, but I didn't find a way to hide the logbooks in the logbook bar and in the initial logbook selection for which the user does not have the access. So, if a user1 does not have the access to a specific logbook, user1 is not able to see that logbook in the bar and neither in the initial logbook selection. How can I do this without using the top groups?

  68679   Wed Aug 23 20:09:39 2017 Reply Stefano Bonaldostefano.bonaldo.13@gmail.comQuestionMac OSXv3.1.2Re: Hide logbook tab when not authorized

Hi Andreas,

many thanks for your answer. I partially agree with you, because sometimes "for privacy" of my working group I don't want that other users (external users) know the existance of the other logbooks.

Do you think that will be implemented in future?

Best regards, Stefano

Andreas Luedeke wrote:

Hi Stefano,

I think your assessment is correct: it is not possible to hide a logbook based on your read/write privileges.
And I'm not even sure that this would make much sense: at least you need to be able to get to the login page of the logbook.
But if you don't have read privileges for a logbook, you'll be automatically redirected to the login page, as soon as you select this logbook.

Kind Regards, Andreas

Stefano Bonaldo wrote:

Hello, I read carefully the manual, but I didn't find a way to hide the logbooks in the logbook bar and in the initial logbook selection for which the user does not have the access. So, if a user1 does not have the access to a specific logbook, user1 is not able to see that logbook in the bar and neither in the initial logbook selection. How can I do this without using the top groups?

 

 

Goto page Previous  1, 2, 3 ... 129, 130, 131 ... 806, 807, 808   Next  
ELOG V3.1.5-3fb85fa6