Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kh22 (rev ea3554b) crashes (segfault) when serving XSL files protected using htpasswd authentication. #445

Open
patphobos opened this issue Feb 28, 2024 · 2 comments
Open

kh22 (rev ea3554b) crashes (segfault) when serving XSL files protected using htpasswd authentication. #445

patphobos opened this issue Feb 28, 2024 · 2 comments

Comments

@patphobos
Copy link

patphobos commented Feb 28, 2024
edited
Loading

Hi Karl,

I encountered a bug that crashes the current icecast2-kh (revision ea3554b)
icecast.xml.txt

Authentication is functioning properly for streams and static files, but it causes icecast to crash when attempting to protect xslt files: status.xsl / status2.xsl.

Below is the backtrace of the crash that occurs when requesting an XSLT file.

(gdb) backtrace full
#0  0x000055555557edf1 in _xslt_transform (doc=0x7fffdc002770, xslfilename=0x7fffdc0011c0 "/home/patrice/icecast-kh/web/status2.xsl", client=0x7fffe0000fa0, admin=<optimized out>) at xslt.c:661
        x = 0x7fffdc006f80
#1  0x000055555557f789 in xslt_transform (doc=<optimized out>, xslfilename=<optimized out>, client=<optimized out>) at xslt.c:671
No locals.
#2  0x000055555557988b in stats_transform_xslt (client=client@entry=0x7fffe0000fa0, uri=0x7fffe8021370 "/status2.xsl") at stats.c:1157
        doc = <optimized out>
        mount = 0x0
        ret = <optimized out>
        xslpath = 0x7fffdc0011c0 "/home/patrice/icecast-kh/web/status2.xsl"
#3  0x000055555558d417 in add_authenticated_listener (mount=<optimized out>, mount@entry=0x7fffe8021370 "/status2.xsl", mountinfo=<optimized out>, client=client@entry=0x7fffe0000fa0) at auth.c:537
        ret = 0
        __func__ = "add_authenticated_listener"
#4  0x000055555558dfd0 in auth_postprocess_listener (auth_user=0x7fffe8021320) at auth.c:585
        ret = <optimized out>
        auth = <optimized out>
        mountinfo = <optimized out>
        mount = 0x7fffe8021370 "/status2.xsl"
        client = 0x7fffe0000fa0
        ret = <optimized out>
        client = <optimized out>
        auth = <optimized out>
        mountinfo = <optimized out>
        mount = <optimized out>
        __func__ = "auth_postprocess_listener"
#5  auth_new_listener (auth_user=0x7fffe8021320) at auth.c:274
        client = <optimized out>
        client = <optimized out>
        __func__ = "auth_new_listener"
#6  auth_new_listener (auth_user=0x7fffe8021320) at auth.c:251
        client = <optimized out>
        __func__ = "auth_new_listener"
#7  0x000055555558e15d in auth_run_thread (arg=arg@entry=0x555555612090) at auth.c:397
        auth_user = 0x7fffe8021320
        pending = <optimized out>
        handler = 0x555555612090
        auth = 0x555555611510
        id = 5
        __func__ = "auth_run_thread"
#8  0x000055555559c871 in _start_routine (arg=0x7fffe8010a70) at thread.c:768
        start = 0x7fffe8010a70
        start_routine = 0x55555558e060 <auth_run_thread>
        real_arg = 0x555555612090
        thread = 0x7fffe80213b0
#9  0x00007ffff75ccac3 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#10 0x00007ffff765e850 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

My environnent : Ubuntu 22 LTS x86_64

root@ice03:~/icecast-kh/web# dpkg -l | grep xslt
ii  libnginx-mod-http-xslt-filter          1.18.0-6ubuntu14.4                           amd64        XSLT Transformation module for Nginx
ii  libxslt1-dev:amd64                     1.1.34-4ubuntu0.22.04.1                      amd64        XSLT 1.0 processing library - development kit
ii  libxslt1.1:amd64                       1.1.34-4ubuntu0.22.04.1                      amd64        XSLT 1.0 processing library - runtime library
ii  xsltproc                               1.1.34-4ubuntu0.22.04.1                      amd64        XSLT 1.0 command line processor
@patphobos patphobos changed the title kh22 (rev ea3554b) segfault while serving xsl files protected using htpasswd authentication kh22 (rev ea3554b) crashes (segfault) when serving XSL files protected using htpasswd authentication. Feb 28, 2024
@patphobos
Copy link
Author

Also, here is the valgrind output
valgrind.txt

@patphobos
Copy link
Author

it seem that _xslt_transform expect the request to be attached to a worker, but since it's authenticated, the request seem to be threaded. client->worker is empty when authenticated.

# manually triggered backtrace when the xslt_transform is not protected by authentication : 
#0  _xslt_transform (doc=0x7fffe8007af0, xslfilename=xslfilename@entry=0x7fffe8006540 "/home/patrice/icecast-kh/web/status2.xsl", client=client@entry=0x7fffe0000e40, admin=0) at xslt.c:662
#1  0x000055555557f75f in xslt_transform (doc=<optimized out>, xslfilename=xslfilename@entry=0x7fffe8006540 "/home/patrice/icecast-kh/web/status2.xsl", client=client@entry=0x7fffe0000e40) at xslt.c:673
#2  0x000055555557988b in stats_transform_xslt (client=client@entry=0x7fffe0000e40, uri=0x7fffe80033f0 "/status2.xsl") at stats.c:1157
#3  0x000055555558d3e7 in add_authenticated_listener (mount=<optimized out>, mount@entry=0x7fffe80033f0 "/status2.xsl", mountinfo=<optimized out>, client=client@entry=0x7fffe0000e40) at auth.c:537
#4  0x000055555558e774 in auth_add_listener (mount=mount@entry=0x7fffe80033f0 "/status2.xsl", client=client@entry=0x7fffe0000e40) at auth.c:741
#5  0x0000555555564c49 in _handle_get_request (client=0x7fffe0000e40) at connection.c:1898
#6  0x000055555557c49a in worker (arg=arg@entry=0x555555642b80) at client.c:876
#7  0x000055555559c841 in _start_routine (arg=0x555555642c70) at thread.c:768
#8  0x00007ffff75ccac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#9  0x00007ffff765e850 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

# backtrace of an xslt protected with htpasswd auth :
#0  _xslt_transform (doc=0x7fffdc000ba0, xslfilename=xslfilename@entry=0x7fffe8001870 "/home/patrice/icecast-kh/web/status.xsl", client=client@entry=0x7fffe0000ba0, admin=0) at xslt.c:662
#1  0x000055555557f75f in xslt_transform (doc=<optimized out>, xslfilename=xslfilename@entry=0x7fffe8001870 "/home/patrice/icecast-kh/web/status.xsl", client=client@entry=0x7fffe0000ba0) at xslt.c:673
#2  0x000055555557988b in stats_transform_xslt (client=client@entry=0x7fffe0000ba0, uri=0x555555608020 "/status.xsl") at stats.c:1157
#3  0x000055555558d3e7 in add_authenticated_listener (mount=<optimized out>, mount@entry=0x555555608020 "/status.xsl", mountinfo=<optimized out>, client=client@entry=0x7fffe0000ba0) at auth.c:537
#4  0x000055555558dfa0 in auth_postprocess_listener (auth_user=0x7fffe80017c0) at auth.c:585
#5  auth_new_listener (auth_user=0x7fffe80017c0) at auth.c:274
#6  auth_new_listener (auth_user=0x7fffe80017c0) at auth.c:251
#7  0x000055555558e12d in auth_run_thread (arg=arg@entry=0x55555560fb20) at auth.c:397
#8  0x000055555559c841 in _start_routine (arg=0x7fffe8001870) at thread.c:768
#9  0x00007ffff75ccac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#10 0x00007ffff765e850 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@patphobos