[Aide] Segfault on Gentoo - fixed
Gianluca Insolvibile
g.insolvibile at cpr.it
Sat Aug 28 17:55:03 EEST 2004
Hello,
I got a segfault on Gentoo, using a freshly compiled aide 0.10, whenever
trying to do a --config-check or a --init. Aide was configured as
follows:
$ aide --version
Aide, version 0.10
Compiled with the following options
WITH_GCRYPT
WITH_MHASH
CONFIG_FILE = "/etc/aide/aide.conf"
$ aide --config-check
Segmentation fault
I tracked the problem down to commandconf.c, lines 203-232: Gentoo
configures aide without any --with-confighmactype and
--with-confighmackey. Hence, the call to get_conf_key() (line 208)
returns NULL, mhash initialization is skipped and the mhash() call a few
lines below is fed with an empty thread parameter and segfaults.
I was able to bypass the problem by recompiling aide with a valid HMAC
key (i.e. restart from ./configure and pass --with-confighmactype and
--with-confighmackey) and by adding @@begin_config and @@end_config as
indicated by aide --config-check.
If the above analysis is correct, two bugs have to be fixed. The first
is in aide:
@@ -224,6 +224,7 @@
}
/* FIXME This does not handle the case that @@end_config is on
buffer boundary. */
+ if (conf->confmd != MHASH_FAILED)
if((tmp=strnstr(buf,"@@end_config",retval))!=NULL){
/* We have end of config don't feed the last line to mhash */
mhash(conf->confmd,(void*)buf,tmp-buf);
and the second is in the Gentoo ebuild script.
Since this is my first time using aide, I hope I didn't miss anything!
:)
Bye,
Gianluca
More information about the Aide
mailing list