ZooKeeper
  1. ZooKeeper
  2. ZOOKEEPER-466

crash on zookeeper_close() when using auth with empty cert

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.2.1, 3.3.0
    • Component/s: c client
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    • Release Note:
      Fixes crash in zookeeper_close() when zoo_add_auth() used with empty cert string.

      Description

      The free_auth_info() function calls deallocate_Buffer(&auth->auth) on every element in the auth list; that function frees any memory pointed to by auth->auth.buff if that field is non-NULL.

      In zoo_add_auth(), when certLen is zero (or cert is NULL), auth.buff is set to 0, but then not assigned to authinfo->auth when auth.buff is NULL. The result is uninitialized data in auth->auth.buff in free_auth_info(), and potential crashes.

      The attached patch adds a test which attempts to duplicate this error; it works for me but may not always on all systems as it depends on the uninitialized data being non-zero; there's not really a simple way I can see to trigger this in the current test framework. The patch also fixes the problem, I believe.

        Issue Links

          Activity

          Chris Darroch created issue -
          Chris Darroch made changes -
          Field Original Value New Value
          Attachment ZOOKEEPER-466.patch [ 12413376 ]
          Chris Darroch made changes -
          Attachment ZOOKEEPER-466.patch [ 12413377 ]
          Chris Darroch made changes -
          Attachment ZOOKEEPER-466.patch [ 12413376 ]
          Chris Darroch made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Release Note Fixes crash in zookeeper_close() when zoo_add_auth() used with empty cert string.
          Chris Darroch made changes -
          Attachment ZOOKEEPER-466.patch [ 12413378 ]
          Chris Darroch made changes -
          Attachment ZOOKEEPER-466.patch [ 12413377 ]
          Chris Darroch made changes -
          Link This issue blocks ZOOKEEPER-474 [ ZOOKEEPER-474 ]
          Patrick Hunt made changes -
          Assignee Chris Darroch [ cdarroch ]
          Patrick Hunt made changes -
          Fix Version/s 3.3.0 [ 12313976 ]
          Benjamin Reed made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Benjamin Reed made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Hide
          Patrick Hunt added a comment -

          great, thanks Chris! +1.

          Show
          Patrick Hunt added a comment - great, thanks Chris! +1.
          Patrick Hunt made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Hadoop Flags [Reviewed]
          Resolution Fixed [ 1 ]
          Hide
          Hudson added a comment -

          Integrated in ZooKeeper-trunk #404 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/404/)
          . crash on zookeeper_close() when using auth with empty cert

          Show
          Hudson added a comment - Integrated in ZooKeeper-trunk #404 (See http://hudson.zones.apache.org/hudson/job/ZooKeeper-trunk/404/ ) . crash on zookeeper_close() when using auth with empty cert
          Patrick Hunt made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Gavin made changes -
          Link This issue blocks ZOOKEEPER-474 [ ZOOKEEPER-474 ]
          Gavin made changes -
          Link This issue is depended upon by ZOOKEEPER-474 [ ZOOKEEPER-474 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Patch Available Patch Available Open Open
          16d 15h 54m 1 Benjamin Reed 30/Jul/09 20:23
          Open Open Patch Available Patch Available
          3m 10s 2 Benjamin Reed 30/Jul/09 20:23
          Patch Available Patch Available Resolved Resolved
          4d 6h 36m 1 Patrick Hunt 04/Aug/09 02:59
          Resolved Resolved Closed Closed
          32d 20h 36m 1 Patrick Hunt 05/Sep/09 23:36

            People

            • Assignee:
              Chris Darroch
              Reporter:
              Chris Darroch
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development