[BUG]: perform check/rewrite the function to not hang if the library receives a path to a folder in the "publickey" value

Wed, 11 Apr 2012 00:16:45 -0700

NOTE: it's second attempt to send this mail *after* subscribing and waiting 16 hours after first sent mail.
First of all, you can find more details (including some attachments) here: https://support.zabbix.com/browse/ZBX-4857 



When any tool  passes a path to a directory as the "publickey" value - 
the tool hangs ! and consumes 100% of cpu/core.
A strace command shows constant attempts to read a directory with crazy 
speed:

# strace -p 18694
read(10, 0x7fdc565fa000, 4096)          = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096)          = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096)          = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096)          = -1 EISDIR (Is a directory)
...



At the link mentioned above I attached two outputs of "ltrace -tt -n2 -s 
80 -T -S  -p <PID>"



ltrace_12507_empty_pub_key_ssh2-141ssl.out - with the empty **public** 
key *in zabbix configuration*

where we can see that problem occurs in the libssh2 namely.

When the key file field is empty - zabbix_server pass only path to 
folder (/home/zabbix/.ssh/) to the libssh2's 
"libssh2_userauth_publickey_fromfile_ex" function and it hangs as I 
explained above !
Moreover, I have reproduced this bug without zabbix_server (libssh2 has 
many code examples which can be used).



ltrace_12741_empty_priv_key_ssh2-141ssl.out - with the empty **private** 
key *in zabbix configuration*
we can see than libssh2's function "file_read_privatekey" doesn't affect 
by this problem when the *private* key file it's only a path to a folder.




I used latest release 1.4.1 of libssh2 (from April 4, 2012) compiled 
from sources.


I suppose the problem in a libssh2's function "file_read_publickey"
lines:
    /* Read Public Key */
    fd = fopen(pubkeyfile, "r");
    if (!fd) {
        return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                              "Unable to open public key file");
    }
    while (!feof(fd) && (c = fgetc(fd)) != '\r' && c != '\n')
        pubkey_len++;


Would be nice to perform check/rewrite the function to not hang if the 
library receives a path to a folder in the "publickey" value.


Thanks.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel














    











					Reply via email to