Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

segv in ctrl_body_cb #646

Open
scareything opened this issue May 1, 2024 · 0 comments
Open

segv in ctrl_body_cb #646

scareything opened this issue May 1, 2024 · 0 comments

Comments

@scareything
Copy link
Member

ctrl_body_cb doesn't check resp->body before copying into it, and it is possible for it to be null.

One way to trigger this is by attempting to enroll an ER identity:

ziti edge create er --jwt er.jwt

sample_enroll er.jwt er.json
(21902)[        0.000]    INFO ziti-sdk:utils.c:201 ziti_log_set_level() set log level: root=6/TRACE
(21902)[        0.000]    INFO ziti-sdk:utils.c:172 ziti_log_init() Ziti C SDK version 0.36.11.1 @b35d0e8(gcc.14) starting at (2024-05-01T14:10:39.886)
(21902)[        0.000]   DEBUG ziti-sdk:zitilib.c:1010 looper() loop is starting
(21902)[        0.001]    INFO ziti-sdk:ziti_enroll.c:90 ziti_enroll() Ziti C SDK version 0.36.11.1 @b35d0e8(gcc.14) starting enrollment at (2024-05-01T14:10:39.887)
(21902)[        0.001] VERBOSE ziti-sdk:jwt.c:100 load_jwt_content() jwt file content is: 
eyJhbGciOiJSUzI1NiIsImtpZCI6IjdmNDg5YjQwNWIxNjUyOTRjYWMzZGFhMzg2MzE4ZjI2YmIzOWUxMTEiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NoYXducy1tMS1tYnAubG9jYWxkb21haW46MTI4MCIsInN1YiI6IkxKNkhDb2hySiIsImF1ZCI6WyIiXSwiZXhwIjoxNzE0NjU5MDMzLCJqdGkiOiJjNjZjNDc4My01ZGJhLTQ4MTctOTcyZS1jZTRlYWFmMDA0OGMiLCJlbSI6ImVyb3R0In0.T1OZ8XiR5W5JmTV-xEztucqMoiuUcTuHpQQMSSGKUBAYUXKITeYNIdqVAbVoTC-wZaUhndhsy1LIJPTBkCuTTxCKMcEFGCavSjy1A1zr_UNv0Uw0pb0I4zL80Ai0gF70cr0RNLLDHnqIojADGfEBbchz--3pIS8hZ10tVjsV3OUIp1jr1UM4CLc2b7WGfvjXMtQunhXo82yOBDU-KS33d5mK3yuTUwiMIrDfMzuXSVwsOxg6ZoyszVd_9Cx_7g2pbzoIaDfLvDBx8O_ZPI7J0z4pp6olPkoObrIDGMcxvJlfmFjexJyfqb9xfBOuA_w_MhPvuRIj5pREXpbI8bTf_8rL6QSERV0pB1cSHPP_gZTHWpERmU8hvrFg3JG5J2il6fXSikwCmhZAojrCmK1kl6ZmeOVCpA-1FScrB8rTAoZZuiEElOVfQPOwrWJYap5kxjXkZ0sD9uZyIZEriWI1d1hAzHymseKw1s97Scpvh6gbUprX8Xem90vrS-wM-BtfFz54iNhQ1PIFqZ_EFwf1Ok83Wbs-IZm59JztkKKo9Q99N-GoM2a-XYVAJiyr_0_roLeUaTjvt7c35nQuJlxfABnfy72HJAxQN16jsUvkEtp5i9vb4nNT-qCiFz_szAsBOq5xYFMiuNYQzgNSSqSNBgB5uKK3tohXMvaivfedfoM
(21902)[        0.001]   DEBUG ziti-sdk:jwt.c:36 parse_jwt_content() ecfg->jwt_signing_input is: 
eyJhbGciOiJSUzI1NiIsImtpZCI6IjdmNDg5YjQwNWIxNjUyOTRjYWMzZGFhMzg2MzE4ZjI2YmIzOWUxMTEiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NoYXducy1tMS1tYnAubG9jYWxkb21haW46MTI4MCIsInN1YiI6IkxKNkhDb2hySiIsImF1ZCI6WyIiXSwiZXhwIjoxNzE0NjU5MDMzLCJqdGkiOiJjNjZjNDc4My01ZGJhLTQ4MTctOTcyZS1jZTRlYWFmMDA0OGMiLCJlbSI6ImVyb3R0In0
(21902)[        0.001]   DEBUG tlsuv:base64.c:107 base64url_decode len is: 512
(21902)[        0.001]   DEBUG tlsuv:base64.c:107 base64url_decode len is: 76
(21902)[        0.001]   DEBUG tlsuv:base64.c:107 base64url_decode len is: 152
(21902)[        0.001]   DEBUG ziti-sdk:ziti_ctrl.c:415 ziti_ctrl_init() ctrl[shawns-m1-mbp.localdomain] ziti controller client initialized
(21902)[        0.001] VERBOSE ziti-sdk:ziti_ctrl.c:143 start_request() ctrl[shawns-m1-mbp.localdomain] starting GET[/.well-known/est/cacerts]
(21902)[        0.003] VERBOSE tlsuv:http.c:400 client not connected, starting connect sequence
(21902)[        0.003]   DEBUG tlsuv:tcp_src.c:158 resolving 'shawns-m1-mbp.localdomain:1280'
(21902)[        0.006]   TRACE tlsuv:tcp_src.c:99 resolved status = 0
(21902)[        0.006] VERBOSE tlsuv:http.c:260 src connected status = 0
(21902)[        0.006]   TRACE tlsuv:tls_link.c:54 TLS(0x150f052d0) starting handshake(st = 0)
(21902)[        0.006]   TRACE tlsuv:tls_link.c:243 io buffering 342 bytes
(21902)[        0.006]   TRACE tlsuv:tls_link.c:66 TLS(0x150f052d0) started handshake(st = 1)
(21902)[        0.006]   TRACE tlsuv:tls_link.c:223 flushing 342 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:75 TLS(0x150f052d0)[1]: 2438
(21902)[        0.039]   TRACE tlsuv:tls_link.c:101 TLS(0x150f052d0) continuing handshake(2438 bytes received)
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/2438 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 122/2433 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/2311 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 1/2306 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/2305 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 38/2300 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/2262 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 62/2257 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/2195 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 1590/2190 bytes
(21902)[        0.039] VERBOSE tlsuv:engine.c:643 verifying /C=US/L=Charlotte/O=NetFoundry/OU=ADV-DEV/CN=NetFoundry Inc. Server 0-b2UCUzs
(21902)[        0.039]   DEBUG ziti-sdk:ziti_enroll.c:39 verify_controller_jwt() verifying JWT signature
(21902)[        0.039]   DEBUG ziti-sdk:ziti_enroll.c:67 verify_controller_jwt() JWT verification succeeded!
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/600 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 537/595 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 5/58 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:281 read 53/53 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:243 io buffering 94 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:223 flushing 94 bytes
(21902)[        0.039]   TRACE tlsuv:tls_link.c:106 TLS(0x150f052d0) handshake completed
(21902)[        0.039]   TRACE tlsuv:http.c:186 handshake completed with alpn[http/1.1]
(21902)[        0.040] VERBOSE tlsuv:http.c:409 client connected, processing request[/.well-known/est/cacerts] state[0]
(21902)[        0.040] VERBOSE tlsuv:http.c:411 sending request[/.well-known/est/cacerts] headers
(21902)[        0.040]   TRACE tlsuv:http.c:422 writing request >>> GET /.well-known/est/cacerts HTTP/1.1

Host: shawns-m1-mbp.localdomain

Connection: keep-alive

Accept-Encoding: gzip, deflate

Accept: application/pkcs7-mime




(21902)[        0.040]   TRACE tlsuv:tls_link.c:243 io buffering 184 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:223 flushing 184 bytes
(21902)[        0.040] VERBOSE tlsuv:http.c:430 sending request[/.well-known/est/cacerts] body
(21902)[        0.040] VERBOSE tlsuv:http.c:294 request write completed: 0
(21902)[        0.040]   TRACE tlsuv:tls_link.c:75 TLS(0x150f052d0)[2]: 2023
(21902)[        0.040]   TRACE tlsuv:tls_link.c:118 TLS(0x150f052d0) processing 2023 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 5/2023 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 139/2018 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 5/1879 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 1203/1874 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 5/671 bytes
(21902)[        0.040]   TRACE tlsuv:tls_link.c:281 read 666/666 bytes
(21902)[        0.040] VERBOSE tlsuv:tls_link.c:132 TLS(0x150f052d0) produced 1835 application byte (rc=0)
(21902)[        0.040]   TRACE tlsuv:http_req.c:77 processing 1835 bytes
HTTP/1.1 200 OK

Content-Encoding: gzip

Content-Length: 1583

Content-Transfer-Encoding: base64

Content-Type: application/pkcs7-mime

Server: ziti-controller/v0.0.0

Ziti-Instance-Id: clupewjw90000vvff3ncc8kl8

Date: Wed, 01 May 2024 14:10:39 GMT




(21902)[        0.040] VERBOSE tlsuv:http_req.c:359 status = 200 OK
(21902)[        0.040] VERBOSE tlsuv:http_req.c:318 headers complete
(21902)[        0.040] VERBOSE ziti-sdk:ziti_ctrl.c:178 ctrl_resp_cb() ctrl[shawns-m1-mbp.localdomain] received headers GET[/.well-known/est/cacerts]
(21902)[        0.040] VERBOSE tlsuv:http_req.c:369 message complete
(21902)[        0.040] VERBOSE ziti-sdk:ziti_enroll.c:142 well_known_certs_cb() base64_encoded_pkcs7 is: MIIGDwYJKoZIhvcNAQcCoIIGADCCBfwCAQExADALBgkqhkiG9w0BBwGgggXiMIIF
3jCCA8agAwIBAgIRAIhEvfP1YPTk6GuzN9DRLaIwDQYJKoZIhvcNAQELBQAweDEL
MAkGA1UEBhMCVVMxEjAQBgNVBAcTCUNoYXJsb3R0ZTETMBEGA1UEChMKTmV0Rm91
bmRyeTEQMA4GA1UECxMHQURWLURFVjEuMCwGA1UEAxMlTmV0Rm91bmRyeSBJbmMu
IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMjExMTgxOTI0NDNaFw0zMjExMTUx
OTI1NDJaMHgxCzAJBgNVBAYTAlVTMRIwEAYDVQQHEwlDaGFybG90dGUxEzARBgNV
BAoTCk5ldEZvdW5kcnkxEDAOBgNVBAsTB0FEVi1ERVYxLjAsBgNVBAMTJU5ldEZv
dW5kcnkgSW5jLiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQC9hVu3YfEaRwaSDE8PEzJbGC+tWeRk0vAwEKyQj4XP
xEJe8Wrw3vWFsvbLfQx4pc4DtFm/MfRkXzV71y1qRjYXPaJv0xxXbszqkwx+ZZSb
BUm+MLjyfPJ1azN2nl261ET3k58NA4Epa/cAEV6m5/G2g7IxniLELLTvJKlrO5Hx
LBSvTlx8dJgB/C8/3RGJsaAzTLjtCCNAhj+vtD7MvvIN0qA1qEGcj7n4pPibNLp2
SFTmKLJ/IDgcN4ISfW87eAsXVj/Jgm7hi+FBR7GhwzhO6T01Jph9YLZt6TSpxAR7
VRyYX9sJoxPm1JUkEcrrTKJ0vG9K2BopoTAJPv/M+BMdTqCcHCazewKc1Ea3hM3b
/X4TOoD4ji2reKV15HZJYxld1sf0hs8ez2508uMa2YP+JQLzLa6W3gm4l90KAVS2
dzzzV44tOkUVzpV/uv6ikt1
(21902)[        0.040]   DEBUG ziti-sdk:ziti_enroll.c:155 well_known_certs_cb() CA PEM len = 2094
(21902)[        0.040]   TRACE ziti-sdk:ziti_enroll.c:156 well_known_certs_cb() CA PEM:
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIRAIhEvfP1YPTk6GuzN9DRLaIwDQYJKoZIhvcNAQELBQAw
eDELMAkGA1UEBhMCVVMxEjAQBgNVBAcTCUNoYXJsb3R0ZTETMBEGA1UEChMKTmV0
Rm91bmRyeTEQMA4GA1UECxMHQURWLURFVjEuMCwGA1UEAxMlTmV0Rm91bmRyeSBJ
bmMuIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMjExMTgxOTI0NDNaFw0zMjEx
MTUxOTI1NDJaMHgxCzAJBgNVBAYTAlVTMRIwEAYDVQQHEwlDaGFybG90dGUxEzAR
BgNVBAoTCk5ldEZvdW5kcnkxEDAOBgNVBAsTB0FEVi1ERVYxLjAsBgNVBAMTJU5l
dEZvdW5kcnkgSW5jLiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQC9hVu3YfEaRwaSDE8PEzJbGC+tWeRk0vAwEKyQ
j4XPxEJe8Wrw3vWFsvbLfQx4pc4DtFm/MfRkXzV71y1qRjYXPaJv0xxXbszqkwx+
ZZSbBUm+MLjyfPJ1azN2nl261ET3k58NA4Epa/cAEV6m5/G2g7IxniLELLTvJKlr
O5HxLBSvTlx8dJgB/C8/3RGJsaAzTLjtCCNAhj+vtD7MvvIN0qA1qEGcj7n4pPib
NLp2SFTmKLJ/IDgcN4ISfW87eAsXVj/Jgm7hi+FBR7GhwzhO6T01Jph9YLZt6TSp
xAR7VRyYX9sJoxPm1JUkEcrrTKJ0vG9K2BopoTAJPv/M+BMdTqCcHCazewKc1Ea3
hM3b/X4TOoD4ji2reKV15HZJYxld1sf0hs8ez2508uMa2YP+JQLzLa6W3gm4l90K
AVS2dzzzV44tOkUVzpV/uv6ikt1XVcc1Q7TGfI5r4n1Ka4XBQGjdVc9CxHH3j0T1
YBOjeRGvdP/j
(21902)[        0.040]   DEBUG ziti-sdk:ziti_ctrl.c:415 ziti_ctrl_init() ctrl[shawns-m1-mbp.localdomain] ziti controller client initialized
(21902)[        0.040] VERBOSE ziti-sdk:ziti_ctrl.c:143 start_request() ctrl[shawns-m1-mbp.localdomain] starting POST[/enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c]
(21902)[        0.040] VERBOSE tlsuv:http_req.c:82 processed 1835 of 1835
(21902)[        0.041] VERBOSE tlsuv:http.c:391 no more requests, scheduling idle(0) close
(21902)[        0.041] VERBOSE tlsuv:http.c:400 client not connected, starting connect sequence
(21902)[        0.041]   DEBUG tlsuv:tcp_src.c:158 resolving 'shawns-m1-mbp.localdomain:1280'
(21902)[        0.041] VERBOSE tlsuv:http.c:376 idle timeout triggered
(21902)[        0.041] VERBOSE tlsuv:http.c:367 closing connection
(21902)[        0.041]   TRACE tlsuv:tls_link.c:185 closing TLS link
(21902)[        0.043]   TRACE tlsuv:tcp_src.c:99 resolved status = 0
(21902)[        0.044] VERBOSE tlsuv:http.c:260 src connected status = 0
(21902)[        0.044]   TRACE tlsuv:tls_link.c:54 TLS(0x150e05750) starting handshake(st = 0)
(21902)[        0.044]   TRACE tlsuv:tls_link.c:243 io buffering 342 bytes
(21902)[        0.044]   TRACE tlsuv:tls_link.c:66 TLS(0x150e05750) started handshake(st = 1)
(21902)[        0.044]   TRACE tlsuv:tls_link.c:223 flushing 342 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:75 TLS(0x150e05750)[1]: 2438
(21902)[        0.052]   TRACE tlsuv:tls_link.c:101 TLS(0x150e05750) continuing handshake(2438 bytes received)
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/2438 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 122/2433 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/2311 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 1/2306 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/2305 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 38/2300 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/2262 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 62/2257 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/2195 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 1590/2190 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/600 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 537/595 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/58 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 53/53 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:243 io buffering 94 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:223 flushing 94 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:106 TLS(0x150e05750) handshake completed
(21902)[        0.052]   TRACE tlsuv:http.c:186 handshake completed with alpn[http/1.1]
(21902)[        0.052] VERBOSE tlsuv:http.c:409 client connected, processing request[/enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c] state[0]
(21902)[        0.052] VERBOSE tlsuv:http.c:411 sending request[/enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c] headers
(21902)[        0.052]   TRACE tlsuv:http.c:422 writing request >>> POST /enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c HTTP/1.1

Content-Length: 0

Content-Type: application/json

Host: shawns-m1-mbp.localdomain

Connection: keep-alive

Accept-Encoding: gzip, deflate

Accept: application/json




(21902)[        0.052]   TRACE tlsuv:tls_link.c:243 io buffering 294 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:223 flushing 294 bytes
(21902)[        0.052] VERBOSE tlsuv:http.c:430 sending request[/enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c] body
(21902)[        0.052] VERBOSE tlsuv:http.c:294 request write completed: 0
(21902)[        0.052]   TRACE tlsuv:tls_link.c:75 TLS(0x150e05750)[2]: 144
(21902)[        0.052]   TRACE tlsuv:tls_link.c:118 TLS(0x150e05750) processing 144 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/144 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 139/139 bytes
(21902)[        0.052] VERBOSE tlsuv:tls_link.c:132 TLS(0x150e05750) produced 0 application byte (rc=-3)
(21902)[        0.052]   TRACE tlsuv:tls_link.c:75 TLS(0x150e05750)[2]: 149
(21902)[        0.052]   TRACE tlsuv:tls_link.c:118 TLS(0x150e05750) processing 149 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/149 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 120/144 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 5/24 bytes
(21902)[        0.052]   TRACE tlsuv:tls_link.c:281 read 19/19 bytes
(21902)[        0.052] VERBOSE tlsuv:tls_link.c:132 TLS(0x150e05750) produced 103 application byte (rc=0)
(21902)[        0.052]   TRACE tlsuv:http_req.c:77 processing 103 bytes
HTTP/1.1 400 Bad Request

Content-Type: text/plain; charset=utf-8

Connection: close



400 Bad Request
(21902)[        0.052] VERBOSE tlsuv:http_req.c:359 status = 400 Bad Request
(21902)[        0.052] VERBOSE tlsuv:http_req.c:318 headers complete
(21902)[        0.052] VERBOSE ziti-sdk:ziti_ctrl.c:178 ctrl_resp_cb() ctrl[shawns-m1-mbp.localdomain] received headers POST[/enroll?method=unknown ziti_enrollment_method&token=c66c4783-5dba-4817-972e-ce4eaaf0048c]
Exception: EXC_BAD_ACCESS (code=1, address=0x0)

btw it looks like the controller shouldn't be sending text/plain and/or no Content-Length, but the c sdk shouldn't crash regardless.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@scareything