Activity for Charles Blackburn
-
Charles Blackburn posted a comment on ticket #7
no problem. i don't mind testing i can help. i haven't had time to look at the code yet, but it's a (relatively) simple buffer overflow so maybe einstead of using strcpy, use strncpy with the size of the buffer should fix it. oh and it's the bridge, not TLB, unless im missing something :D
-
ok update.. had chance to take a quick look at the core dump. it appears that the buffer used for messages coming from the server for disconnects is too small you can see where in line #6 where strcpy takes a crap because of the buffer overflow charlesb@UbuntuDev:~/echolink$ gdb /usr/local/bin/tbd core.current Reading symbols from /usr/local/bin/tbd...done. [New LWP 10187] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core...
-
so here is what i get... been happening more lately now as far as the IP address, it doesn't matter that was just the last one, it appears to be mainly people that are coming in via a proxy or via cell phone etc. (my only way of testing). i've attached the core dump if anyone's interested Feb 7 2:38:30 RTP_Data: Failed to find client 44.190.12.83 Feb 7 2:38:30 Rejecting N1FBF, dir IP 44.137.75.243 != IP 44.190.12.83. Feb 7 2:38:30 Disconnecting unauthorized user N1FBF. CORE DUMPED - Buffer overf...
-
is there any update to this? Just installed the latest version from SF and each time a user disconnects or times out the bridge core dumps. i'm working on getting some logs, but it's pretty much exactly as already been posted in here charlesb@UbuntuDev:~/echolink$ uname -a Linux UbuntuDev 4.15.0-64-generic #73-Ubuntu SMP Thu Sep 12 13:16:13 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux charlesb@UbuntuDev:~/echolink$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=18.04 DISTRIB_CODENAME=bionic DISTRIB_DESCRIPTION="Ubuntu...
1
