Re: [Sshguard-users] assert(ret != 0) in read_from() in sshguard_logsuck.c keeps failing in 1.5rc3

[Colin K. <col...@gm...>]

Thanks. From looking at the patch it seems like it will probably be
good so I added it and re-compiled it.

So far it has been 2 days and it hasn't fallen over, but the situation
in which that occurs is random. I tested it using:

echo -n 'Test2' >> /var/log/secure

which should have triggered the previous bug since there is new data
but no new line.

Thanks again.
Colin.

On Fri, Jul 16, 2010 at 5:44 PM, Mij <mi...@ss...> wrote:
> Very curious, I noticed the same possibility some weeks ago, and thought "that condition for
> strings of logs length must be so rare that it's more likely for me to introduce a bug in the code
> for handling it" -- and just threw the assert() in there. Noot! :)
>
> Now committed a version for handling it as r204, thanks!
>
>
> On Jul 8, 2010, at 14:46 , Colin Keith wrote:
>
>> Hi,
>>
>> I keep having intermittent problems with the assert in this code from
>> sshguard-1.5rc3/src/sshguard_logsuck.c
>>
>> 351     /* read until error, newline reached, or buffer exhausted */
>> 352     i = 0;
>> 353     do {
>> 354         ret = read(fd, & buf[i++], 1);
>> 355     } while (ret == 1 && buf[i-1] != '\n' && i < buflen-2);
>> 356     assert(ret != 0);
>> 357     buf[i] = '\0';
>>
>> I keep getting the error message;
>>
>> Assertion `ret != 0' failed.
>>
>> I added some code to print the various values that are used:
>>
>> if(ret == 0) {
>>   sshguard_log(LOG_NOTICE, "ret = %d, i = %d, buflen = %d, buf[i-1] =
>> '%c', buf = %s\n", ret, i, (int)buflen, buf[i-1], buf);
>> }
>>
>> and from that received this output;
>>
>> ret = 0, i = 62, buflen = 999, buf[i-1] = 'n', buf = ul 07 16:45:26
>> thor.hagenhosting.com proftpd[18688] thor.hagenhosting.com
>> (61.55.146.28[61.55.146.28]): FTP session closed.
>>
>>
>> Why is ret == 0 bad? Doesn't that just me EOF?
>>
>> I'm reading from /var/log/ftp.log which is written to by syslog (it is
>> just easier that way) so isn't this just saying that syslog hadn't
>> finished writing the entire line to the log file while I was reading
>> it and thus hit the EOF before the EOL?
>>
>> This is really annoying because when it happens sshguard falls over
>> and so leaves the box open to annoyances again.
>>
>> Thanks,
>> Colin.
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by Sprint
>> What will you do first with EVO, the first 4G phone?
>> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
>> _______________________________________________
>> Sshguard-users mailing list
>> Ssh...@li...
>> https://lists.sourceforge.net/lists/listinfo/sshguard-users
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Sprint
> What will you do first with EVO, the first 4G phone?
> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
> _______________________________________________
> Sshguard-users mailing list
> Ssh...@li...
> https://lists.sourceforge.net/lists/listinfo/sshguard-users
>



-- 
Colin Keith
Systems Administrator
Hagen Software Inc.