Opened 13 years ago

Closed 13 years ago

#1559 closed defect (fixed)

[PATCH][Segfault] webif not validating valid stream after fdopen

Reported by: coolacid Owned by: alno
Priority: major Component: Webinterface
Severity: high Keywords:
Cc: Sensitive: no

Description

Revision

4575

Issue Description

For the past few revisions there seemed to be a random crash - prior, I didn't have everything setup to debug the issue. Last night I built the latest at the time, enabled core dumps and ensures I was using a debug-able version of oscam.

Finanly about an hour ago it crashed and the core dump indicated the following backtrace:

-0 fileno (fp=0x0) at fileno.c:37
-1 0x00000000004153d1 in webif_read (

buf=0x7f937f459070 "GET /site.css HTTP/1.1\r\nHost: localhost:8888\r\n"..., num=1024, f=0x0) at /srv/oscam-svn/oscam-http-helpers.c:407

-2 0x00000000004247df in process_request (f=0x0, in=...) at /srv/oscam-svn/oscam-http.c:3000
-3 0x00000000004259b2 in http_srv () at /srv/oscam-svn/oscam-http.c:3325
-4 0x00007f937ee27971 in start_thread (arg=<value optimized out>) at pthread_create.c:304
-5 0x00007f937e97692d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
-6 0x0000000000000000 in ?? ()

It appears that the file pointer is becoming NULL prior to attempting to read from the client.

Unfortunately, I'm a great debugger, I suck at coding. My stab would be:

In oscam-http.c line 3325, there is no validation that fdopen returned a valid file stream. I'd validate that the stream is valid otherwise skip to shutdown?

When the issue occurs

Unable to identify exactly when this happens

How the issue is reproducable

Seems random - unable to identify exactly how to reproduce other then wait for it.

Attachments (1)

oscam-http.c-patch-v1 (1.1 KB ) - added by coolacid 13 years ago.
Patch file v1

Download all attachments as: .zip

Change History (8)

comment:1 by coolacid, 13 years ago

I should also note that line 3312 of the same file doesn't validate fdopen returns a valid pointer as well. I didn't dive into the SSL process_request function though.

by coolacid, 13 years ago

Attachment: oscam-http.c-patch-v1 added

Patch file v1

comment:2 by coolacid, 13 years ago

Attaching my (probably poor) attempt at a patch.

comment:3 by coolacid, 13 years ago

Summary: [Segfault] webif f value is null when passed to fileno[PATCH][Segfault] webif not validating valid stream after fdopen

comment:4 by Admin, 13 years ago

A really great debugging, thanks! I just commited your patch a little bit modified in [4597]. However, these code lines should be quite untouched since lots of revisions (think the last time should be where ssl was integrated but I think the check was even missing before) so the question is why fdopen fails. Do you use CCCam?

comment:5 by coolacid, 13 years ago

I don't use cccam - a few local cams and a couple newcamd proxies/clients Its possible it was there before but I never noticed it - its only resent that I've been more noticeable.

comment:6 by coolacid, 13 years ago

I wonder if you could add an extra debug log - one that could handle error situations - I'm sure I'm going to miss this happening again even if I try and look in the logs. Not sure what events should go there, but might be handy to have - or maybe a separate ECM/EMM log since that's the bulk of my log files.

comment:7 by Deas, 13 years ago

Resolution: fixed
Status: newclosed

about your log feature request - please discuss this in streamboard forum, not in trac!

Note: See TracTickets for help on using tickets.