We experienced conserver crashes that were always preceded by the server receiving SIGHUP. See https://github.com/bstansell/conserver/issues/93 for more details, and the corresponding upstream pull request here: https://github.com/bstansell/conserver/pull/95. The basic issue is that FileUnopen is returning -1, and that value is used to index into an fd_set. The fix linked above modifies FileUnopen to return a valid fd. A more conservative fix would modify the caller to check for -1, and avoid the FD_CLR. I will attach a patch that does the latter to this bug, as that is what we deployed internally. Reproducible: Didn't try Steps to Reproduce: I believe that you would have to have active SSL connections when SIGHUP is received by the conserver process. Actual Results: conserver crashes, and the logs show: [Wed Sep 20 08:57:32 2023] conserver (46864): [ibm-hs22-5.swcert.cee.pnq.redhat.com] exit(2) [Wed Sep 20 08:57:32 2023] conserver (46864): [ibm-hs22-5.swcert.cee.pnq.redhat.com] automatic reinitialization *** buffer overflow detected ***: /usr/sbin/conserver terminated [Wed Sep 20 08:57:32 2023] conserver (56606): [dell-per320-03.khw2.lab.eng.bos.redhat.com] exit(1) [Wed Sep 20 08:57:32 2023] conserver (56606): [dell-per320-03.khw2.lab.eng.bos.redhat.com] automatic reinitialization [Wed Sep 20 08:57:32 2023] conserver (47817): [dev203.mw.lab.eng.bos.redhat.com] exit(1) [Wed Sep 20 08:57:32 2023] conserver (47817): [dev203.mw.lab.eng.bos.redhat.com] automatic reinitialization ======= Backtrace: ========= /lib64/libc.so.6(__fortify_fail+0x37)[0x7facde1987a7] /lib64/libc.so.6(+0x116922)[0x7facde196922] /lib64/libc.so.6(+0x118707)[0x7facde198707] /usr/sbin/conserver(+0x158d2)[0x558ddb5468d2] /usr/sbin/conserver(+0x2581a)[0x558ddb55681a] /usr/sbin/conserver(+0x1944f)[0x558ddb54a44f] /usr/sbin/conserver(+0x78f8)[0x558ddb5388f8] /lib64/libc.so.6(__libc_start_main+0xf5)[0x7facde0a2555] /usr/sbin/conserver(+0x7c79)[0x558ddb538c79] ... Expected Results: conserver continues to run
Created attachment 2007046 [details] Fix a buffer overflow
FEDORA-2024-b42c9e53be has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-b42c9e53be
FEDORA-2024-b42c9e53be has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2024-485ca40cbd has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-485ca40cbd
FEDORA-EPEL-2024-698eea42eb has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-698eea42eb
FEDORA-2024-329d379065 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2024-329d379065
FEDORA-2024-b643778254 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2024-b643778254
FEDORA-EPEL-2024-a8c18697dc has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a8c18697dc See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2024-698eea42eb has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-698eea42eb See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2024-485ca40cbd has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-485ca40cbd See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-b643778254 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-b643778254` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-b643778254 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-329d379065 has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-329d379065` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-329d379065 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2024-a8c18697dc has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-329d379065 has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-b643778254 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2024-485ca40cbd has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2024-698eea42eb has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.