You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Chris Darroch (JIRA)" <ji...@apache.org> on 2009/07/14 05:26:14 UTC
[jira] Created: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
crash on zookeeper_close() when using auth with empty cert
----------------------------------------------------------
Key: ZOOKEEPER-466
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
Project: Zookeeper
Issue Type: Bug
Components: c client
Affects Versions: 3.2.0
Reporter: Chris Darroch
Fix For: 3.2.1
The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Patrick Hunt (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Patrick Hunt reassigned ZOOKEEPER-466:
--------------------------------------
Assignee: Chris Darroch
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Benjamin Reed (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benjamin Reed updated ZOOKEEPER-466:
------------------------------------
Status: Open (was: Patch Available)
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1, 3.3.0
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Patrick Hunt (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Patrick Hunt updated ZOOKEEPER-466:
-----------------------------------
Resolution: Fixed
Hadoop Flags: [Reviewed]
Status: Resolved (was: Patch Available)
great, thanks Chris! +1.
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1, 3.3.0
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Chris Darroch (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Attachment: (was: ZOOKEEPER-466.patch)
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Patrick Hunt (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Patrick Hunt updated ZOOKEEPER-466:
-----------------------------------
Fix Version/s: 3.3.0
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1, 3.3.0
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Chris Darroch (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Attachment: ZOOKEEPER-466.patch
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch, ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Benjamin Reed (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benjamin Reed updated ZOOKEEPER-466:
------------------------------------
Status: Patch Available (was: Open)
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1, 3.3.0
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12738965#action_12738965 ]
Hudson commented on ZOOKEEPER-466:
----------------------------------
Integrated in ZooKeeper-trunk #404 (See [http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/404/])
. crash on zookeeper_close() when using auth with empty cert
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Assignee: Chris Darroch
> Fix For: 3.2.1, 3.3.0
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Chris Darroch (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Attachment: (was: ZOOKEEPER-466.patch)
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Chris Darroch (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Attachment: ZOOKEEPER-466.patch
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ZOOKEEPER-466) crash on zookeeper_close() when
using auth with empty cert
Posted by "Chris Darroch (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/ZOOKEEPER-466?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Darroch updated ZOOKEEPER-466:
------------------------------------
Release Note: Fixes crash in zookeeper_close() when zoo_add_auth() used with empty cert string.
Status: Patch Available (was: Open)
> crash on zookeeper_close() when using auth with empty cert
> ----------------------------------------------------------
>
> Key: ZOOKEEPER-466
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-466
> Project: Zookeeper
> Issue Type: Bug
> Components: c client
> Affects Versions: 3.2.0
> Reporter: Chris Darroch
> Fix For: 3.2.1
>
> Attachments: ZOOKEEPER-466.patch
>
>
> The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.
> In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.
> The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.