Bug 654657
| Field | Value |
|---|---|
| Summary | Incorrect socket accept error message due to bad pointer arithmetic |
| Product | [Retired] Dogtag Certificate System |
| Component | JSS |
| Status | CLOSED EOL |
| Severity | medium |
| Priority | high |
| Version | unspecified |
| Hardware | Unspecified |
| OS | Unspecified |
| Reporter | John Dennis <jdennis> |
| Assignee | RHCS Maintainers <rhcs-maint> |
| QA Contact | Ben Levenson <benl> |
| CC | cfu, dpal, jgalipea, mharmsen, rrelyea |
| Doc Type | Bug Fix |
| | 660436 |
| Last Closed | 2020-03-27 20:01:17 UTC |
| Bug Blocks | 660436 |

Description
John Dennis
2010-11-18 14:42:30 UTC
Created attachment 461316
Minimal patch to correct bad string pointer
Note: there is no need to specify the err code; JSSL_throwSSLSocketException() will add that information.
Created attachment 461317
Clean up most compiler warnings
Includes the error string pointer fix, but also addresses most of the other compiler warnings.
Comment on attachment 461316
Minimal patch to correct bad string pointer
approval for this attachment only.
Please consult mharmsen on details of how to do JSS patches.
Patch was checked into Fedora for rawhide, F14 & F13 on 12/6 and packages were built and pushed to updates-testing. However, I noticed that RHEL-6 does not have the last 4 patches which are in Fedora; will follow up with Matt and Christina to see why not and if there is any reason they should be applied to the RHEL-6 version as well.

jss-4_2_6-10 has now been committed to rawhide, F14, F13 and RHEL-6. All packages have been built for rawhide, F14, F13 and RHEL-6. Final changes included fixing the attribution/blame in the changelog entry and relocating the jar to /usr/lib/jss and/or /usr/lib64/jss as per Fedora packaging guidelines. Reviews performed by mharmsen and cfu.

John, Kashyap was asking how to test this. If not too much trouble, could you give him a test case that could allow him to observe what would cause JSSL_throwSSLSocketException() now to spit out the correct message? That would be good. Thanks!

It's been so long since I discovered this that I forget how I discovered it or what provoked it. We fixed a JSS socket timeout parameter problem at about the same time, which is what I think provoked this error; perhaps you could revert that patch. Or perhaps you could set up a firewall to prevent communication on the specified port, which would cause the timeout to occur. Or perhaps you could have faith in static source code analysis and accept that the previous code was indeed wrong and was properly corrected :-) I realize it's better to test, but sometimes the cost/benefit is not proportional, especially considering you only hit this code in aberrant circumstances, which is probably why the bogus code was in production for 8 years (if I recall correctly).
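The class of defect named in the summary, as an added example that is not part of the bug report or the JSS source: in C, adding an integer error code to a string literal offsets the pointer instead of appending the number. The message text, the helper `report_error()` (standing in for an exception helper that appends the code itself) and the sample codes are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical message text, not copied from JSS. */
static const char MSG[] = "Failed to accept new connection";

/* Buggy pattern: Java-style "message" + err written in C. This is pointer
 * arithmetic, so the result skips err characters of the message. It is only
 * defined for 0 <= err <= strlen(MSG); any other value points outside the
 * array, which is undefined behaviour. */
static const char *buggy_message(int err)
{
    return MSG + err;
}

/* Check a reviewer can apply by hand: would MSG + err stay in the array? */
static int offset_in_bounds(long err)
{
    return err >= 0 && (size_t)err <= strlen(MSG);
}

/* Corrected pattern: the call site passes the message unchanged and the
 * (hypothetical) reporting helper formats the code. Returns 1 on success,
 * 0 if the buffer is too small and the text was truncated. */
static int report_error(char *buf, size_t len, const char *msg, int err)
{
    int n = snprintf(buf, len, "%s (error %d)", msg, err);
    return n >= 0 && (size_t)n < len;
}

int main(void)
{
    char buf[96];

    /* Constructed small positive code: the message loses its first 10 chars. */
    printf("buggy, err=10: \"%s\"\n", buggy_message(10));

    /* Constructed negative code: the buggy form would point before the
     * string, so it is only checked here, never dereferenced. */
    printf("err=-5990 in bounds? %d\n", offset_in_bounds(-5990));

    if (report_error(buf, sizeof buf, MSG, -5990))
        printf("fixed: \"%s\"\n", buf);
    return 0;
}
```

Compilers flag the buggy form only with warnings enabled (for example clang's `-Wstring-plus-int` for literal operands).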