Article delegate-en/4087 of [1-4325] on the server localhost:7119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4086@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en
[DeleGate-En] Re: VStr overflow in Xstrcpy and TIME_WAIT state
22 Aug 2008 04:38:27 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project 
Hi,

In message <_A4086@delegate-en.ML_> on 08/22/08(06:55:54)
you "Jean Aumont" <pvahqbdyi-mxhgu45askxw.ml@delegate.org> wrote:
 |Regarding the Question 1: Is this normal to see "VStr overflow in
 |Xstrcpy" in the ERRORLOG file ?
 |
 |In my configuration file there is nothing longer than about 100
 |characters, so I do not think that this is the problem.
 |
 |But regarding the logs, I see always the same pattern:

Even if your input parameter is short, it might be expanded internally
by DeleGate, and the result is reported in the LOGFILE.  For example,
a password string for -list{user:pass} in AUTHORIZER is hashed into a
MD5 string which can be far longer than the original string as follows:

  AUTHORIZER="-list{1:1,2:2,3:3,4:4,5:5,6:6,7:7}"

LOGFILE:
  **** Encrypt it as AUTHORIZER=-list{1:MD5:c4ca4238a0b923820dcc509a6f75849b,2:MD5:c81e728d9d4c2f636f067f89cc14862c,3:MD5:eccbc87e4b5ce2fe28308fd9f2a7baf3,4:MD5:a87ff679a2f3e71d9181a67b7542122c,5:MD5:e4da3b7fbbce2345d7772b0674a318d5,6:MD5:1679091c5a880faf6fb5e6087eb1b2dc,7:MD5:8f14e45fceea167a5a36dedd4bea2543}
  ...
  08/22 13:27:33.00 [23973] 0+0: arg[4] AUTHORIZER=-list{1:MD5:c4ca4238a0b923820dcc509a6f75849b,2:MD5:c81e728d9d4c2f636f067f89cc14862c,3:MD5:eccbc87e4b5ce2fe28308fd9f2a7baf3,4:MD5:a87ff679a2f3e71d9181a67b7542122c,5:MD5:e4da3b7fbbce2345d7772b0674a318d5,6:MD5:1679091c5a880faf6fb5e6087eb1b2dc,7:MD5:8f14e45fceea167a5a36dedd4bea2543}

With this example, I can reproduce the "VStr overflow in Xstrcpy" in
the authentication procedure of DeleGate.
Since the restriction by 256bytes (MaxHostNameLen) is not an intended
limitation, it will be fixed as the enclosed patch in the next release
(9.8.5-pre6).

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

*** dist/src/delegate9.8.4-pre5/src/access.c	Thu Jul 31 20:11:30 2008
--- ./src/access.c	Fri Aug 22 13:23:11 2008
***************
*** 1628,1634 ****
--- 1628,1637 ----
  	return wa;
  }
  int CTX_withAuth(Connection *Conn){
+ 	/*
  	CStr(authserv,MaxHostNameLen);
+ 	*/
+ 	CStr(authserv,MaxAuthServLen);
  	if( getMountAuthorizer(Conn,AVStr(authserv),sizeof(authserv)) ){
  		return 1;
  	}else
***************
*** 1657,1663 ****
--- 1660,1669 ----
  }
  int doAuthX(Connection *Conn,AuthInfo *ident)
  {	int rcode;
+ 	/*
  	CStr(authserv,MaxHostNameLen);
+ 	*/
+ 	CStr(authserv,MaxAuthServLen);
  	CStr(userpass,256);
  	const char *dp;
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V