Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20140924055001.GA21835@port70.net>
Date: Wed, 24 Sep 2014 07:50:01 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Cc: Justin Cormack <justin@...cialbusservice.com>
Subject: Re: LUA + musl, garbage collection issue?

* Scott Valentine <scottvalen@...mail.com> [2014-09-23 19:25:47 -1000]:
> 
> In any case, this has been a nasty issue to track down. I have surely traced it to the following code block in luci (by process of elimination):
> 
>         local fp
>         luci.http.setfilehandler(
>                 function(meta, chunk, eof)
>                         if not fp then
>                                 if meta and meta.name == "image" then
>                                         fp = io.open(image_tmp, "w")
>                                 else
>                                         fp = io.popen(restore_tmp, "w")
>                                 end
>                         end
>                         if chunk then
>                                 fp:write(chunk)
>                         end
>                         if eof then
>                                 fp:close()
>                         end
>                 end
>         )
> 
> 
> Here, "chunk" is a 2048 byte string, and the library calls are to nixio:
> 

are you sure the nixio function is called?

if fp is not set then io.open is called which should
use libc fopen, so fp:write should be a wrapper around
fwrite

if the code really calls the nixio function below then
there is no stdio involved, it directly writes to an fd

> static int nixio_file_write(lua_State *L) {
>         int fd = nixio__checkfd(L, 1);
>         size_t len;
>         ssize_t sent;
>         const char *data = luaL_checklstring(L, 2, &len);
> 
>         if (lua_gettop(L) > 2) {
>                 int offset = luaL_optint(L, 3, 0);
>                 if (offset) {
>                         if (offset < len) {
>                                 data += offset;
>                                 len -= offset;
>                         } else {
>                                 len = 0;
>                         }
>                 }
> 
>                 unsigned int wlen = luaL_optint(L, 4, len);
>                 if (wlen < len) {
>                         len = wlen;
>                 }
>         }
> 
>         do {
>                 sent = write(fd, data, len);
>         } while(sent == -1 && errno == EINTR);
>         if (sent >= 0) {
>                 lua_pushinteger(L, sent);
>                 return 1;
>         } else {
>                 return nixio__perror(L);
>         }
> }
> 


> When I have time, I'll do a build against eglibc with a reduced BUFSIZ = 1024 (musl's default) and see if the problem is reproduced.
> 

i think you should try to reproduce the bug with a minimal
test-case where either stdio (io.*) is called or nixio only

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.