ELOG Forum

Demo Discussion

Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG, Page 519 of 808

Not logged in

Find | Login | Help

Full | Summary | Threaded | Collapse | Expand

6457 Entries

Goto page Previous 1, 2, 3 ... 518, 519, 520 ... 806, 807, 808 Next

Re: segfault in auth.c:366, posted by gary holman on Wed Apr 28 04:01:49 2021

Dear Mr Ritt, Mr Schenk,

Thank you for the responses. This was indeed my issue and direction to fix the crash.

Thank you,

Gary

Sebastian Schenk wrote:

Hi Mr. Holman,

The problem you are facing is more likely the issue, that the LDAP method is only provided as-is from a different developer.

I had a similar issue with the LDAP of my university.
I can't remember the correct error messages, but it looks similar, which arises from the used c library for LDAP.
The LDAP connection response can have 2 different variable types and only one of them is implemented in the elog, the other one crashes the elog with segfault.

I could fix it with this patch:
https://bitbucket.org/merrx/elog/commits/5a75fdb3e0b723380dae73bb57653946ed72690c
Obviously you have to adapt "displayName" and "postOfficeBox" to represent the name and email attributes of your LDAP structure.

I didn't made a PR for this commit, because it would break the current LDAP implementation, i assume.

Best wishes,
Sebastian

gary holman wrote:

Elog version: ELOG V3.1.4-611489ba

I am running openldap on the localhost. For some reason now, elogd is segfaulting when (I believe) when a new user is being added to the password file. For example:

1. I delete user passord file defined in elogd.cfg

2. Bind/Authenticate to LDAP successfully

3. Segfaults in auth.c ldap_adduser_file()

Makefile:
...
ELOGDIR = /opt/elog
DESTDIR = $(ROOT)$(PREFIX)/bin
SDESTDIR = $(ROOT)$(PREFIX)/sbin
RCDIR = $(ROOT)/etc/rc.d/init.d
SRVDIR = $(ROOT)/usr/lib/systemd/system

# flag for SSL support
USE_SSL = 1

# flag for Kerberos support, please turn off if you don't need Kerberos
USE_KRB5 = 0

# flag for LDAP support, please turn off if you don't need LDAP
USE_LDAP = 1# flag for PAM support, please turn of if you don't need PAM
USE_PAM = 0
...

For authentication, I am using openldap in the localhost:

----
Authentication = LDAP
LDAP server = ldap://localhost:389
LDAP userbase = ou=people,dc=example,dc=org
LDAP login attribute = uid
LDAP register = 1
Password file = /opt/elog/users

gdb output

----------

(gdb) run -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/ubuntu/UPGRADE-42221/work-src/elog/elogd -s /opt/elog -c /opt/elog/elogd.cfg -f /var/run/elog/elog.pid
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
elogd 3.1.4 built Apr 22 2021, 19:19:39 revision 611489ba
File "/var/run/elog/elog.pid" exists, overwriting it.
CKeditor detected
ImageMagick detected
Indexing logbooks ... done
Server listening on port 9011 ...

Breakpoint 1, ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=0x7ffffffd53d0 "", error_size=<optimized out>) at src/auth.c:350
350   if (rc != LDAP_SUCCESS) {
(gdb) n
337   rc = ldap_search_ext_s(
(gdb) n
350   if (rc != LDAP_SUCCESS) {
(gdb) n
358   for(entry = ldap_first_entry(ldap_ld,result);
(gdb) n
371   if(strcmp(attribute,"mail")==0 || strcmp(attribute,"rfc822Mailbox")==0)
(gdb) n
361   for(attribute = ldap_first_attribute(ldap_ld,entry,&ber);
(gdb) n
365   if((values = ldap_get_values(ldap_ld,entry,attribute)) != NULL ) {
(gdb) n
366   for(i=0; values[i] != NULL; i++) {
(gdb) n

Program received signal SIGSEGV, Segmentation fault.
ldap_adduser_file (lbs=0x555556811ad8, user=0x7ffffffd3bd0 "testuser", password=0x5555558ea110 <_value+6000> "testuser", error_str=<optimized out>, error_size=<optimized out>) at src/auth.c:366
366 for(i=0; values[i] != NULL; i++) {
(gdb) p attribute
$1 = 0x5555567f6a20 "uid"
(gdb) p values
$2 = (char **) 0x567f74f0

This user in LDAP:
-------------------------
# TESTUSER, people, example.org
dn: uid=TESTUSER,ou=people,dc=example,dc=org
uid: TESTUSER
cn: TESTUSER
givenName: TESTUSER
sn:: VEVTVFVTRVIg
mail: TESTUSER
uidNumber: 10000
gidNumber: 10000
homeDirectory: /dev/null
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
userPassword:: e1NTSEF9Y21ua1lsdFpMZ3ZrZlZ4OUp3MFN3cUY3NWIzdkFCSWY=

Segfault on elog-3.1.5-1 when uploading file., posted by gary holman on Thu Dec 12 18:45:49 2024

I am receiving a segfault whenever I attempt to upload a file. Please see attached .txt for valgrind output. This occurs in version elog-3.1.5-1. I reverted back to version elog-3.1.4-3 and the segfault does not occur.

Segfault occurs in Elog version: elog-3.1.5-1

System:

Virtualization: kvm
Operating System: Ubuntu 24.04.1 LTS
Kernel: Linux 6.8.0-49-generic
Architecture: x86-64
Hardware Vendor: QEMU
Hardware Model: Standard PC _Q35 + ICH9, 2009_
Firmware Version: 1.15.0-1
Firmware Date: Tue 2014-04-01
Firmware Age: 10y 8month 1w 5d

Valgrind command: valgrind -v --leak-check=full --track-origins=yes ./elogd -s /usr/local/elog -c /var/www/elog/he6/elogd.cfg -f /var/run/elog/he6.pid

Steps to reproduce:

1. Login elog

2. Create new logbook entry

3. Attachement 1: Select Browse

4. Select any file.

5. Select Upload

Re: Segfault on elog-3.1.5-1 when uploading file., posted by gary holman on Thu Dec 12 19:01:39 2024

Looks like duplicate report to https://elog.psi.ch/elogs/Forum/69826

gary holman wrote:

Segfault occurs in Elog version: elog-3.1.5-1

System:

Valgrind command: valgrind -v --leak-check=full --track-origins=yes ./elogd -s /usr/local/elog -c /var/www/elog/he6/elogd.cfg -f /var/run/elog/he6.pid

Steps to reproduce:

1. Login elog

2. Create new logbook entry

3. Attachement 1: Select Browse

4. Select any file.

5. Select Upload

Re: Segfault on elog-3.1.5-1 when uploading file., posted by gary holman on Thu Dec 12 19:01:39 2024

Looks like duplicate report to https://elog.psi.ch/elogs/Forum/69826

gary holman wrote:

Segfault occurs in Elog version: elog-3.1.5-1

System:

Valgrind command: valgrind -v --leak-check=full --track-origins=yes ./elogd -s /usr/local/elog -c /var/www/elog/he6/elogd.cfg -f /var/run/elog/he6.pid

Steps to reproduce:

1. Login elog

2. Create new logbook entry

3. Attachement 1: Select Browse

4. Select any file.

5. Select Upload

Re: Segfault on elog-3.1.5-1 when uploading file., posted by gary holman on Thu Dec 12 20:29:40 2024

Thanks for further instructions here is full stack trace:

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
warning: 44 ./nptl/pthread_kill.c: No such file or directory
(gdb) where
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3 0x00007ffff764526e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4 0x00007ffff76288ff in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007ffff76297b6 in __libc_message_impl (fmt=fmt@entry=0x7ffff77ce765 "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:132
#6 0x00007ffff7736c19 in __GI___fortify_fail (msg=msg@entry=0x7ffff77ce74c "buffer overflow detected") at ./debug/fortify_fail.c:24
#7 0x00007ffff77365d4 in __GI___chk_fail () at ./debug/chk_fail.c:28
#8 0x00007ffff7738019 in __strlcpy_chk (s1=<optimized out>, s2=<optimized out>, n=<optimized out>, s1len=<optimized out>) at ./debug/strlcpy_chk.c:28
#9 0x000055555557ac8a in strlcpy (__n=356, __src=0x89ab3c42edf52f00 <error: Cannot access memory at address 0x89ab3c42edf52f00>, __dest=0x7ffffffd5370 "agarcia") at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:156
#10 el_submit_attachment (lbs=lbs@entry=0x5555566873d8, afilename=afilename@entry=0x7ffffffd57e0 "pfSense-UDP4-1194-yuhaosun-config.ovpn",
buffer=buffer@entry=0x5555566bba67 "dev tun\npersist-tun\npersist-key\ndata-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC\ndata-ciphers-fallback AES-256-CBC\nauth SHA256\ntls-client\nclient\nresolv-retry infinite\nremote pfsense."...,
buffer_size=buffer_size@entry=5265, full_name=full_name@entry=0x7ffffffd58e0 "") at src/elogd.cxx:4547
#11 0x00005555555f91ea in decode_post (logbook=logbook@entry=0x7fffffffbff0 "He6", lbs=lbs@entry=0x5555566873d8, string=<optimized out>,
string@entry=0x5555566bb1c9 '-' <repeats 29 times>, "16417726823211458101306576170\r\nContent-Disposition: form-data; name=\"unm\"\r\n\r\ngholman\r\n", '-' <repeats 29 times>, "16417726823211458101306576170\r\nContent-Disposition: form"...,
boundary=boundary@entry=0x7fffffffbef0 '-' <repeats 27 times>, "16417726823211458101306576170", length=length@entry=7649) at src/elogd.cxx:28662
#12 0x00005555555fb5cc in process_http_request (
crequest=crequest@entry=0x555556656658 "POST /He6/ HTTP/1.0\r\nHost: xxx.xxx.xxx.xxx\r\nX-Real-IP: 192.168.101.2\r\nX-Forwarded-For: 192.168.101.2\r\nConnection: close\r\nContent-Length: 7649\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win6"...,
i_conn=i_conn@entry=0) at src/elogd.cxx:29317
#13 0x00005555555ffc68 in server_loop () at src/elogd.cxx:30302
#14 0x000055555555b1b9 in main (argc=<optimized out>, argv=<optimized out>) at src/elogd.cxx:31327
(gdb)

Stefan Ritt wrote:

A statement like "core dumped" does not help much. Same with valgrind memory leaks. I need a full strack trace with all parameters when the segment violation occurs. The easiest is when you run elogd vom inside gdb, and once you get the signal, do a "where" to see th full stack trace.

As you can see from this forum, there is absolutely no crash when you upload any file, so it must have to do with your config file or anything whcih is special in yoru environment. We have to find what this is so that I can reproduce it here.

Stefan

Re: Segfault on elog-3.1.5-1 when uploading file., posted by gary holman on Fri Dec 13 19:40:57 2024

Thanks Stefen!

I built from source (ELOG V3.1.5-3a5f2f00) and I confirmed as fixed.

Stefan Ritt wrote:

Thanks to your stack trace, I found a case where a string might get overwritten, but only if the attachment file name is longer than 256 chars. I fixed the code and made a new RPM:

https://www.dropbox.com/scl/fi/r37qx9aka5ytt3j7vn4km/elog-3.1.5-20241213.el8.x86_64.rpm?rlkey=knct99pdltggunrbmyr2hpfe5&st=pkre24aq&dl=0

Alternatively, you can compile from sources. Give it a try.

Stefan

Is it possible to only send an email based on the value of multiple attributes?, posted by Darren Hollinrake on Mon Mar 9 17:03:38 2015

My current setup notifies users if downtime = yes.

Email Downtime Yes = user1@xyz.com, user2@xyz.com

Is it possible to only send an email based on the value of multiple attributes?
For my use:
user1 only needs notifications if Platform = Workstation and Downtime = Yes
user2 only needs notifications if Platform = Network and Downtime = Yes

Re: Installation: Failed Dependencies, posted by Darren Hollinrake on Sat Mar 19 15:24:29 2016

I did the following on CentOS 6.7 (Should work for Fedora and RHEL as well):

yum install -y wget

wget http://midas.psi.ch/elog/download/RPMS/elog-latest.i386.rpm

yum install -y elog-latest.i386.rpm

This should install all the required dependencies.

Phil Rubin wrote:

Is there anything I can do about this?

kernel: 2.6.32-279.14.1.el6.x86_64

ldd (GNU libc) 2.12

/lib64/libc.so.6

/usr/lib64/libssl.so.10

rpm -i elog-latest.i386.rpm

error: Failed dependencies:

libc.so.6 is needed by elog-3.1.1-1.i386

libc.so.6(GLIBC_2.0) is needed by elog-3.1.1-1.i386

libc.so.6(GLIBC_2.1) is needed by elog-3.1.1-1.i386

libc.so.6(GLIBC_2.1.3) is needed by elog-3.1.1-1.i386

libc.so.6(GLIBC_2.3) is needed by elog-3.1.1-1.i386

libssl.so.6 is needed by elog-3.1.1-1.i386

Goto page Previous 1, 2, 3 ... 518, 519, 520 ... 806, 807, 808 Next

ELOG V3.1.5-3fb85fa6