From: Steven D. <Ste...@in...> - 2024-09-09 12:37:29
|
Hello TJ, Many thanks for your quick and sound reply ! If I read it correctly, the only option that I have is to recompile the current version. The only (official) available version for RHEL 8.10 (via EPEL) is version 1.3.6e-7, in which I don't think the issue that I described is fixed... https://pkgs.org/download/proftpd https://www.rpmfind.net/linux/rpm2html/search.php?query=proftpd&submit=Search+...&system=&arch= Luckily we have a test system where I could perform the recompilation, before bringing it into production. Thanks again for pointing me in the right direction ! Best regards, Steven Driesmans Sensitivity: Company -----Original Message----- From: TJ Saunders <tj...@ca...> Sent: Saturday, September 7, 2024 5:32 PM To: ProFTPD Users <pro...@li...>; pro...@pr... Cc: Steven Driesmans <Steven.Driesmans@inetum-realdolmen.world> Subject: Re: [Proftpd-user] Proftpd AuthGroupFile == EXTERNAL MAIL == This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. > A virtual groups file (AuthGroupFile definition inside the proftpd > config file underneath /etc/proftpd/conf.d) has one group that > contains > 64 or more virtual users. > > Some time ago, adding a new virtual user to that specific group lead > to the following error message inside the sftp logfile: > > Jul 10 12:54:28 <hostname> proftpd[1176232]: session[1176232] > <IP-address> (<IP-address>[<IP-address>]): Malformed entry in > AuthGroupFile file (line 85) Jul 10 12:54:28 <hostname> > proftpd[1176232]: session[1176232] <hostname> > (<IP-address>[<IP-address>]): Malformed entry in AuthGroupFile file > (line 170) Jul 10 12:54:28 <hostname> proftpd[1176232]: realloc(): > invalid next size The handling of these AuthUserFile, AuthGroupFiles has changed over time. In particular, ProFTPD _might_ use some functions in the C library for reading these files -- depending on the platform; otherwise, it would use its own internal functions. Either way, there is a fixed buffer that is used for reading a single line of text; it is possible that your current AuthGroupFile has a line of text that is longer than that fixed buffer size. If the line of text is longer than the buffer, then ProFTPD will not read the entire line; it will be truncated. Which, in turn, can lead to "malformed syntax" sorts of parse errors. In the cases where ProFTPD uses its own internal functions for handling these auth files, that fixed buffer size is 1024 characters: https://github.com/proftpd/proftpd/blob/master/include/options.h#L84 That buffer size can be changed, but only at compile-time, using the --enable-tunable-buffer-size configure option. I should also point out that the use of C library functions, vs internal functions, did change in ProFTPD versions newer than yours; see: https://github.com/proftpd/proftpd/issues/1134 > Jul 10 12:54:28 <hostname> proftpd[1176232]: realloc(): invalid next > size This particular log message looks like a related, but slightly different issue: https://github.com/proftpd/proftpd/issues/1321 Hope this helps, TJ |