ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-466

crash on zookeeper_close() when using auth with empty cert

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.2.1, 3.3.0
    • Component/s: c client
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Fixes crash in zookeeper_close() when zoo_add_auth() used with empty cert string.

      Description

      The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.

      In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.

      The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.

        Issue Links

          Activity

          Hide
          Hudson added a comment -

          Integrated in ZooKeeper-trunk #404 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/404/)
          . crash on zookeeper_close() when using auth with empty cert

          Show
          Hudson added a comment - Integrated in ZooKeeper-trunk #404 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/404/ ) . crash on zookeeper_close() when using auth with empty cert
          Hide
          Patrick Hunt added a comment -

          great, thanks Chris! +1.

          Show
          Patrick Hunt added a comment - great, thanks Chris! +1.

            People

            • Assignee:
              Chris Darroch
              Reporter:
              Chris Darroch
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development