Subject: [BUG]: perform check/rewrite the function to not hang if the library receives a path to a folder in the "publickey" value

From: Oleksiy Zagorskyi <zalex_ua_at_i.ua>
Date: Wed, 11 Apr 2012 10:13:21 +0300

NOTE: this is the second attempt to send this mail *after* subscribing and
waiting 16 hours after the first sent mail.

First of all, you can find more details (including some attachments)
here: https://support.zabbix.com/browse/ZBX-4857

When any tool passes a path to a directory as the "publickey" value -
the tool hangs and consumes 100% of cpu/core!
A strace command shows constant attempts to read a directory at crazy
speed:
# strace -p 18694
read(10, 0x7fdc565fa000, 4096) = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096) = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096) = -1 EISDIR (Is a directory)
read(10, 0x7fdc565fa000, 4096) = -1 EISDIR (Is a directory)
...

At the link mentioned above I attached two outputs of "ltrace -tt -n2 -s
80 -T -S -p <PID>"

ltrace_12507_empty_pub_key_ssh2-141ssl.out - with the empty **public**
key *in zabbix configuration*
where we can see that the problem occurs in libssh2 specifically.
When the key file field is empty - zabbix_server passes only the path to
the folder (/home/zabbix/.ssh/) to libssh2's
"libssh2_userauth_publickey_fromfile_ex" function and it hangs as I
explained above!
Moreover, I have reproduced this bug without zabbix_server (libssh2 has
many code examples which can be used).

ltrace_12741_empty_priv_key_ssh2-141ssl.out - with the empty **private**
key *in zabbix configuration*
we can see that libssh2's function "file_read_privatekey" isn't affected
by this problem when the *private* key file is only a path to a folder.

I used the latest release 1.4.1 of libssh2 (from April 4, 2012) compiled
from sources.

I suppose the problem is in libssh2's function "file_read_publickey",
in these lines:
     /* Read Public Key */
     fd = fopen(pubkeyfile, "r");
     if (!fd) {
         return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                               "Unable to open public key file");
     }
     while (!feof(fd) && (c = fgetc(fd)) != '\r' && c != '\n')
         pubkey_len++;

It would be nice to perform a check/rewrite the function to not hang if the
library receives a path to a folder in the "publickey" value.

Thanks.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-04-11
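
Added example, not part of the original post and not libssh2's own code: on Linux fopen() succeeds on a directory, every fgetc() then fails with EISDIR and returns EOF while feof() stays false, so the quoted loop never terminates. The sketch below rejects non-regular files and stops on EOF; the names first_line_len, make_sample and SAMPLE_LINE are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L   /* for fileno() */
#include <stdio.h>
#include <sys/stat.h>

/* Constructed sample line, not a real key. */
#define SAMPLE_LINE "ssh-rsa AAAAconstructedsample user@example"

/* Hypothetical helper: length of the first line of a public key file.
 * Returns 0 and sets *len on success, -1 if the path is unusable. */
int first_line_len(const char *path, size_t *len)
{
    struct stat st;
    size_t n = 0;
    int c, failed;
    FILE *fp = fopen(path, "r");  /* succeeds for a directory on Linux */
    if (!fp)
        return -1;
    /* Only a regular file can be a key: reject directories, FIFOs, devices. */
    if (fstat(fileno(fp), &st) != 0 || !S_ISREG(st.st_mode)) {
        fclose(fp);
        return -1;
    }
    /* fgetc() returns EOF on a read error as well as at end of file, and
     * feof() is false after an error, so the loop must test for EOF itself. */
    while ((c = fgetc(fp)) != EOF && c != '\r' && c != '\n')
        n++;
    failed = ferror(fp);
    fclose(fp);
    if (failed)
        return -1;
    *len = n;
    return 0;
}

/* Writes the constructed sample line to path; returns 0 on success. */
int make_sample(const char *path)
{
    FILE *fp = fopen(path, "w");
    if (!fp)
        return -1;
    fputs(SAMPLE_LINE "\n", fp);
    return fclose(fp) == 0 ? 0 : -1;
}

int main(void)
{
    size_t n = 0;
    printf("directory: %d\n", first_line_len(".", &n));
    if (make_sample("constructed_key.pub") == 0 &&
        first_line_len("constructed_key.pub", &n) == 0)
        printf("regular file: first line is %zu bytes\n", n);
    return 0;
}
```

Checking the descriptor with fstat() after fopen(), rather than the path with stat() before it, avoids a race between the check and the open.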