Uploaded image for project: 'IoTivity'
  1. IoTivity
  2. IOT-1171

1.1-rel : simpleclient segfault if no .dat file in current dir

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: IoTivity 1.1.1
    • Fix Version/s: None
    • Component/s: Sample Application
    • Labels:
    • Found in Version/s:
      1.1-rel
    • Operating System:
      Tizen
    • Hardware / OEM Platform:
      minnowmax
    • Issue Severity:
      Normal
    • Reproducibility:
      Always (100%)

      Description

      Hi,

      I noticed when current rel-1.1 branch is built in secure mode,
      make sure to have the shipped dat files in current dir :

      03125fb63ddecb7e1d74ff0b69036fea ./resource/examples/oic_svr_db_server.dat
      7448470b845a7609d465e9244e7cdf4a ./resource/examples/oic_svr_db_client.dat
      941d2f9fc5f2f6778a7dd2f67b12b8f4 ./resource/examples/oic_svr_db_client_directpairing.dat

      If not it will crash

      How to reproduce :

      1/
      cd /tmp
      /usr/lib64/iotivity/examples/simpleserver

      Usage : simpleserver <value>
      (...)
      Created resource.
      Added Interface and Type
      Waiting
      Jun 28 07:58:13 ALRT 80 invalidate peer
      Jun 28 07:58:13 WARN received alert, peer has been invalidated

      2/ cd /tmp/
      gdb /usr/lib64/iotivity/examples/simpleclient
      (...)

      In foundResource
      Found resource 9cb54dd9-2b49-46a1-b2f2-d5e463050bed/oic/p again!
      Found another resource, ignoring

          • buffer overflow detected ***: /usr/lib64/iotivity/examples/simpleclient terminated

      Program received signal SIGABRT, Aborted.
      [Switching to LWP 6646]
      0x0000003001833e8b in raise () from /lib64/libc.so.6
      (gdb) bt
      #0 0x0000003001833e8b in raise () from /lib64/libc.so.6
      #1 0x00000030018354d5 in abort () from /lib64/libc.so.6
      #2 0x0000003001875376 in __libc_message () from /lib64/libc.so.6
      #3 0x00000030018feb37 in __fortify_fail () from /lib64/libc.so.6
      #4 0x00000030018fcc20 in __chk_fail () from /lib64/libc.so.6
      #5 0x00007ffff7dc4065 in memcpy (__len=<optimized out>, __src=<optimized out>, __dest=0x7ffff6682700) at /usr/include/bits/string3.h:51
      #6 dtls_prepare_record (peer=0x7fffe0000a10, security=security@entry=0x7fffe0000b00, type=<optimized out>, data_array=data_array@entry=0x7ffff6682770, data_len_array=data_len_array@entry=0x7ffff6682778, data_array_len=data_array_len@entry=1,
      sendbuf=sendbuf@entry=0x7ffff6682780 "\026\376", <incomplete sequence \375>, rlen=rlen@entry=0x7ffff6682768) at extlibs/tinydtls/dtls.c:1567
      #7 0x00007ffff7dc4e50 in dtls_retransmit (context=context@entry=0x62e1b0, node=node@entry=0x7fffe4001100) at extlibs/tinydtls/dtls.c:4804
      #8 0x00007ffff7dccafd in dtls_check_retransmit (context=0x62e1b0, next=next@entry=0x0) at extlibs/tinydtls/dtls.c:4880
      #9 0x00007ffff7da5b4c in CAStartRetransmit () at resource/csdk/connectivity/src/adapter_util/caadapternetdtls.c:1030
      #10 0x00007ffff7dd4e24 in checkTimeout () at extlibs/timer/timer.c:236
      #11 0x00007ffff7dd4e61 in loop (threadid=<optimized out>) at extlibs/timer/timer.c:248
      #12 0x0000003001c074a1 in start_thread () from /lib64/libpthread.so.0
      #13 0x00000030018edf7d in clone () from /lib64/libc.so.6

      If started in the the right dir (/usr/lib64/iotivity/examples/ or /opt/..)

      it's working fine as explained at
      https://blogs.s-osg.org/run-iotivity-artik-yocto/

      Does this help ?
      I am not a security wizard, but I can provide more details if needed.

      ps: does this relate to https://jira.iotivity.org/browse/IOT-1150 or https://jira.iotivity.org/browse/IOT-1120 ?

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            • Assignee:
              rzr Philippe Coval
              Reporter:
              rzr Philippe Coval
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: