Buffer overflow upon GET connection #2

Open
jmkgreen opened this issue Jul 17, 2009 · 1 comment

@jmkgreen

Using latest from trunk on Intel 64bit Ubuntu 9.04:

Jul 17 10:59:09: is_encrypted: 0
Jul 17 10:59:09: Connection received from 127.0.0.1
Jul 17 10:59:09: Set 127.0.0.1 input format to http
Jul 17 10:59:09: Set 127.0.0.1 output format to xml
Jul 17 10:59:09: res=0, line:
Jul 17 10:59:09: res=1, line: GET /?Action=ShowChannels&ActionID=foo HTTP/1.0
Jul 17 10:59:09: Got http: GET /?Action=ShowChannels&ActionID=foo HTTP/1.0
*** buffer overflow detected ***: astmanproxy terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7ff4a8a2d2c7]
/lib/libc.so.6[0x7ff4a8a2b170]
/usr/lib/astmanproxy/modules/http.so(_read+0x346)[0x7ff4a7b83626]
astmanproxy(session_do+0x8a)[0x40585a]
/lib/libpthread.so.0[0x7ff4a8ca73ba]
/lib/libc.so.6(clone+0x6d)[0x7ff4a8a13fcd]
======= Memory map: ========
Aborted

@xionod

xionod commented Feb 19, 2013

I also have the same error on Ubuntu x64; this patch fixes it
http.c

---if ( strlen(line) > 14 && (tmp = strcasestr(line, " HTTP")) ) {
+++if ( strlen(line) > 14 && (tmp = strstr(line, " HTTP/1.1")) ) {
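
Review bot: The new needle `" HTTP/1.1"` on the `+++` line no longer matches the request from the report, which ends in `HTTP/1.0`, so that request now skips this branch rather than the write that glibc's fortify check aborted on being fixed; an HTTP/1.1 request line still enters the branch and runs the code behind it. Switching from `strcasestr` to `strstr` also makes the match case-sensitive. I would keep the `" HTTP"` match and bound whatever copy follows this condition by the size of its destination buffer. Since both reports are on 64-bit builds, it is also worth checking that http.c defines `_GNU_SOURCE` before including `<string.h>`: without a visible declaration, `strcasestr` is implicitly declared as returning `int` and the returned pointer is truncated on x86-64, which would explain why swapping in `strstr` appears to help.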
