个人中心
文章发布
退出
作者热门文章
- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
25
4
我一直在和一个 friend 一起写一些代码,大部分都是在 archlinux 上测试过的。当我们在ubuntu上重新编译测试时,它通过程序获得了一条路,然后返回了一个stack smashing错误。我添加了一些打印语句来确定崩溃发生的位置,但我们都看不到原因。
代码如下,错误似乎发生在代码从“authenticate”函数返回时:
/** Includes **/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <time.h>
#include <pthread.h>
#include <mysql.h>
/* Definitions */
#define LIC_SERVER_PORTNO 2325
//#define LIC_SERVER_ADDR "69.68.67.66"
#define SERVER_PORTNO 4959
#define UPLEN 45
#define MAX_USER_NUM 100
//#define MAX_KA_TIME 2000
#define MAX_KA_TIME 20
/** Structure to hold info on logged in users **/
typedef struct {
char *ip;
time_t login_time;
time_t last_check;
} user;
/** GLOBALS **/
user *users;
int user_num;
/** Version string function **/
const char* version()
{
return "0.1r3";
}
void exit_signal(int sig)
{
pthread_exit(NULL);
printf("\nTerminating server. Goodbye!\n\n");
(void) signal(SIGINT, SIG_DFL);
exit(0);
}
/** Function for error reporting **/
void error(char *msg)
{
perror(msg);
exit(1);
}
int authenticate(char* uname,char* pwd)
{
MYSQL *conn;
MYSQL_RES *res;
MYSQL_ROW row;
int r=0;
const char *server = "localhost";
const char *user = "root";
const char *password = "12345"; /* set me first */
const char *database = "test";
printf("inside authenticate %s\n","one");
conn = mysql_init(NULL);
/* Connect to database */
if (!mysql_real_connect(conn, server,user, password, database, 0, NULL, 0)) {
fprintf(stderr, "%s\n", mysql_error(conn));
exit(1);
}
printf("inside authenticate %s\n","two");
/* send SQL query */
char query [] = "select * from users where username='";
char q2 [] = "';";
//char *tmp,*query;
strcat(query,uname);
strcat(query,q2);
printf("inside authenticate %s\n","three");
if (mysql_query(conn,query)) {
fprintf(stderr, "%s\n", mysql_error(conn));
exit(1);
}
res = mysql_use_result(conn);
if (res==NULL) return 0;
row = mysql_fetch_row(res);
if (row==NULL) return 0;
printf("inside authenticate %s\n","four");
if ( (strcmp(row[2],uname)==0) && (strcmp(row[3],pwd)==0) )
r = 1;
/* close connection */
mysql_free_result(res);
mysql_close(conn);
printf("inside authenticate %s\n","five");
return r;
}
/** Keep alive guard **/
void *keep_alive_guard(void *thread_data)
{
int i,k,c;
time_t ts;
while (1) {
ts = time(NULL);
for (i=0;i<user_num;i++) {
char the_ip[50],the_ip2[50];
char scall1[1024],scall2[1024];
if (ts-users[i].last_check>MAX_KA_TIME) {
strncpy(the_ip,users[i].ip,50);
strncpy(the_ip2,users[i].ip,50);
// system call to delete redirection for all incoming packets to licence server for port 1055
strncpy(scall1,"iptables -t nat -D PREROUTING -s ",1024);
strcat(scall1,the_ip);
strcat(scall1," -j REDIRECT -p tcp --to-port 1055 --dport 4957");
//printf("%s\n",scall1);
FILE *phony = popen(scall1,"r");
pclose(phony);
// system call to delete redirection for all incoming packets to licence server for port 2325
strncpy(scall2,"iptables -t nat -D PREROUTING -s ",1024);
strcat(scall2,the_ip2);
strcat(scall2," -j REDIRECT -p tcp --to-port 2325 --dport 4958");
//printf("%s\n",scall2);
FILE *phony2 = popen(scall2,"r");
pclose(phony2);
for (k=i;k<user_num;k++) {
if (k!=MAX_USER_NUM-1) {
memcpy(&users[k],&users[k+1],sizeof(user));
}
}
user_num--;
}
}
}
}
/* Main function */
int main(int argc,char* argv[])
{
// Initializing
printf("Licence proxy (server) v%s\n",version());
printf("Initializing...");
user_num = 0;
users = (user*)malloc(MAX_USER_NUM*sizeof(user));
(void) signal(SIGINT, exit_signal);
FILE *notha = popen("iptables -A INPUT ! -s 127.0.0.1 -p tcp --dport 1055 -j DROP","r");
pclose(notha);
FILE *notha2 = popen("iptables -A INPUT ! -s 127.0.0.1 -p tcp --dport 2325 -j DROP","r");
pclose(notha2);
// Basic variables for socket handling
int sockfd, newsockfd, portno, clilen;
struct sockaddr_in serv_addr, cli_addr; //addresses
int n,i;
// Create socket
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0)
error((char*)"ERROR opening socket");
bzero((char *) &serv_addr, sizeof(serv_addr));
portno = SERVER_PORTNO; // Set port number to listen
// Set options for socket and bind to port
serv_addr.sin_family = AF_INET;
serv_addr.sin_addr.s_addr = INADDR_ANY;
serv_addr.sin_port = htons(portno);
if (bind(sockfd, (struct sockaddr *) &serv_addr,sizeof(serv_addr)) < 0)
error((char*)"ERROR on binding");
printf("ok!\n\nRunning...\n\n");
// Start listening
listen(sockfd,5);
// Create thread for keep alive guard
pthread_t kag;
int rc;
rc = pthread_create(&kag,NULL,keep_alive_guard,(void *)user_num);
char datauser [UPLEN],*user;
char datapass [UPLEN],*pass;
char datareq_id [UPLEN],*req_id;
char respOK [] = "OK";
char respNK [] = "NK";
while (1) {
// Accept connection from peer
clilen = sizeof(cli_addr);
newsockfd = accept(sockfd,(struct sockaddr *) &cli_addr,(socklen_t*)&clilen);
if (newsockfd < 0)
error((char*)"ERROR on accept");
n = recv(newsockfd,datareq_id,UPLEN,0);
if (n < 0) error((char*)"ERROR reading username from client");
req_id = (char*)malloc(strlen(datareq_id));
strncpy(req_id,datareq_id,strlen(datareq_id));
if (req_id[0]=='K') {
for (i=0;i<user_num;i++) {
if (strcmp(users[i].ip,inet_ntoa(cli_addr.sin_addr))==0) {
users[i].last_check = time(NULL);
}
}
}
else if (req_id[0]=='L') {
printf("Transaction requested from %s\n",inet_ntoa(cli_addr.sin_addr));
// Read and wrap username from client
n = recv(newsockfd,datauser,UPLEN,0);
if (n < 0) error((char*)"ERROR reading username from client");
user = (char*)malloc(strlen(datauser));
strncpy(user,datauser,strlen(datauser));
printf("here %s\n","one");
// Read and wrap password from client
n = recv(newsockfd,datapass,UPLEN,0);
if (n < 0) error((char*)"ERROR reading password from client");
pass = (char*)malloc(strlen(datapass));
strncpy(pass,datapass,strlen(datapass));
printf("here %s\n","two");
char scall[1024],scall2[1024];
printf("here %s\n","two + one line");
//Cross-check authorization data against MYSQL database and take action
if (authenticate(user,pass)==1) {
printf("outside authenticate (success) %s\n","one");
n = send(newsockfd,respOK,UPLEN,0);
printf("outside authenticate (success) %s\n","two");
if (n < 0) error((char*)"ERROR writing to socket");
printf("here %s\n","two and a lot");
// system call to redirect all incoming packets to licence server for port 1055
strncpy(scall,"iptables -t nat -A PREROUTING -s ",1024);
printf("here %s\n","three");
strcat(scall,inet_ntoa(cli_addr.sin_addr));
strcat(scall," -j REDIRECT -p tcp --to-port 1055 --dport 4957");
//printf("%s\n",scall);
FILE *phony = popen(scall,"r");
pclose(phony);
printf("here %s\n","four");
// system call to redirect all incoming packets to licence server for port 2325
strncpy(scall2,"iptables -t nat -A PREROUTING -s ",1024);
strcat(scall2,inet_ntoa(cli_addr.sin_addr));
strcat(scall2," -j REDIRECT -p tcp --to-port 2325 --dport 4958");
//printf("%s\n",scall2);
FILE *phony2 = popen(scall2,"r");
pclose(phony2);
printf("here %s\n","five");
printf("%s successfully logged in.\n",inet_ntoa(cli_addr.sin_addr));
users[user_num].ip = (char*)malloc(strlen(inet_ntoa(cli_addr.sin_addr)));
strncpy(users[user_num].ip,inet_ntoa(cli_addr.sin_addr),strlen(inet_ntoa(cli_addr.sin_addr)));
printf("here %s\n","six");
users[user_num].login_time = time(NULL);
users[user_num].last_check = time(NULL);
user_num++;
}
else
{
printf("outside authenticate (fail) %s","one");
n = send(newsockfd,respNK,UPLEN,0);
if (n < 0) error((char*)"ERROR writing to socket");
printf("Access denied to %s.\n",inet_ntoa(cli_addr.sin_addr));
}
free(user);
free(pass);
}
close(newsockfd);
}
shutdown(sockfd,SHUT_RDWR);
close(sockfd);
pthread_exit(NULL);
return 0;
}
错误位置在下面的控制台输出中给出:
Transaction requested from 192.168.1.10
here one
here two
here two + one line
inside authenticate one
inside authenticate two
inside authenticate three
inside authenticate four
inside authenticate five
*** stack smashing detected ***: ./lproxy-server terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0xb757f390]
/lib/tls/i686/cmov/libc.so.6(+0xe233a)[0xb757f33a]
./lproxy-server(authenticate+0x28c)[0x8049299]
./lproxy-server(main+0x49d)[0x804998e]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb74b3bd6]
./lproxy-server[0x8048f41]
======= Memory map: ========
08048000-0804b000 r-xp 00000000 08:01 128583 /home/martin/Downloads/licproxy-server2/lproxy-server
0804b000-0804c000 r--p 00002000 08:01 128583 /home/martin/Downloads/licproxy-server2/lproxy-server
0804c000-0804d000 rw-p 00003000 08:01 128583 /home/martin/Downloads/licproxy-server2/lproxy-server
0915b000-0917c000 rw-p 00000000 00:00 0 [heap]
b6bce000-b6beb000 r-xp 00000000 08:01 2648 /lib/libgcc_s.so.1
b6beb000-b6bec000 r--p 0001c000 08:01 2648 /lib/libgcc_s.so.1
b6bec000-b6bed000 rw-p 0001d000 08:01 2648 /lib/libgcc_s.so.1
b6bfc000-b6bfd000 ---p 00000000 00:00 0
b6bfd000-b73ff000 rw-p 00000000 00:00 0
b73ff000-b7412000 r-xp 00000000 08:01 2763 /lib/libz.so.1.2.3.3
b7412000-b7413000 r--p 00012000 08:01 2763 /lib/libz.so.1.2.3.3
b7413000-b7414000 rw-p 00013000 08:01 2763 /lib/libz.so.1.2.3.3
b7414000-b7438000 r-xp 00000000 08:01 8012 /lib/tls/i686/cmov/libm-2.11.1.so
b7438000-b7439000 r--p 00023000 08:01 8012 /lib/tls/i686/cmov/libm-2.11.1.so
b7439000-b743a000 rw-p 00024000 08:01 8012 /lib/tls/i686/cmov/libm-2.11.1.so
b743a000-b744d000 r-xp 00000000 08:01 8048 /lib/tls/i686/cmov/libnsl-2.11.1.so
b744d000-b744e000 r--p 00012000 08:01 8048 /lib/tls/i686/cmov/libnsl-2.11.1.so
b744e000-b744f000 rw-p 00013000 08:01 8048 /lib/tls/i686/cmov/libnsl-2.11.1.so
b744f000-b7451000 rw-p 00000000 00:00 0
b7451000-b745a000 r-xp 00000000 08:01 7807 /lib/tls/i686/cmov/libcrypt-2.11.1.so
b745a000-b745b000 r--p 00008000 08:01 7807 /lib/tls/i686/cmov/libcrypt-2.11.1.so
b745b000-b745c000 rw-p 00009000 08:01 7807 /lib/tls/i686/cmov/libcrypt-2.11.1.so
b745c000-b7483000 rw-p 00000000 00:00 0
b7483000-b7498000 r-xp 00000000 08:01 8259 /lib/tls/i686/cmov/libpthread-2.11.1.so
b7498000-b7499000 r--p 00014000 08:01 8259 /lib/tls/i686/cmov/libpthread-2.11.1.so
b7499000-b749a000 rw-p 00015000 08:01 8259 /lib/tls/i686/cmov/libpthread-2.11.1.so
b749a000-b749d000 rw-p 00000000 00:00 0
b749d000-b75f0000 r-xp 00000000 08:01 7789 /lib/tls/i686/cmov/libc-2.11.1.so
b75f0000-b75f1000 ---p 00153000 08:01 7789 /lib/tls/i686/cmov/libc-2.11.1.so
b75f1000-b75f3000 r--p 00153000 08:01 7789 /lib/tls/i686/cmov/libc-2.11.1.so
b75f3000-b75f4000 rw-p 00155000 08:01 7789 /lib/tls/i686/cmov/libc-2.11.1.so
b75f4000-b75f7000 rw-p 00000000 00:00 0
b75f7000-b77a1000 r-xp 00000000 08:01 5403 /usr/lib/libmysqlclient.so.16.0.0
b77a1000-b77a2000 ---p 001aa000 08:01 5403 /usr/lib/libmysqlclient.so.16.0.0
b77a2000-b77a5000 r--p 001aa000 08:01 5403 /usr/lib/libmysqlclient.so.16.0.0
b77a5000-b77ea000 rw-p 001ad000 08:01 5403 /usr/lib/libmysqlclient.so.16.0.0
b77ea000-b77eb000 rw-p 00000000 00:00 0
b77ed000-b77f7000 r-xp 00000000 08:01 8119 /lib/tls/i686/cmov/libnss_files-2.11.1.so
b77f7000-b77f8000 r--p 00009000 08:01 8119 /lib/tls/i686/cmov/libnss_files-2.11.1.so
b77f8000-b77f9000 rw-p 0000a000 08:01 8119 /lib/tls/i686/cmov/libnss_files-2.11.1.so
b77f9000-b77fc000 rw-p 00000000 00:00 0
b77fc000-b77fd000 r-xp 00000000 00:00 0 [vdso]
b77fd000-b7818000 r-xp 00000000 08:01 2813 /lib/ld-2.11.1.so
b7818000-b7819000 r--p 0001a000 08:01 2813 /lib/ld-2.11.1.so
b7819000-b781a000 rw-p 0001b000 08:01 2813 /lib/ld-2.11.1.so
bfd4c000-bfd61000 rw-p 00000000 00:00 0 [stack]
Aborted
任何人都可以阐明我们做错了什么、我们如何自己解决问题以及我们如何避免将来出现类似错误。
此外,如果有人知道为什么它在 archlinux 中运行良好,但在 ubuntu 中运行良好,我将非常有兴趣听听。
最佳答案
您使用 strcat 附加到位于堆栈上的数组(query),并且仅具有初始值所需的确切大小。这样,您就会溢出堆栈上的缓冲区,这会导致各种奇怪和有趣的行为。
它能在 Arch Linux 上运行纯属巧合; Ubuntu 上的 gcc 默认启用堆栈检查并发现错误。
关于C 代码在 archlinux 上运行,但不能在 ubuntu 10.04 上运行,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5116633/
25
4
0
关闭。这个问题是off-topic .它目前不接受答案。 想改善这个问题吗? Update the question所以它是 on-topic对于堆栈溢出。 9年前关闭。 Improve this q
如何在 Arch Linux 中使用“makepkg”来安装 AUR 而无需安装任何依赖项?或者任何可以做到这一点的 AUR 助手? 有点类似于 pacman(包): pacman -Sdd somp
我正在运行sudo pacman -Syu在我的 Archlinux 上,我得到以下信息: cristian@localhost:~$ sudo pacman -Syu :: Synchronizin
当我尝试在 arch Linux 上启动 realvnc-vnc-viewer 时,依赖项 (libcrypt.so.1) 丢失了。每次我尝试使用命令行启动 vnc-viewer 时都会提示这些错误:
关闭。这个问题不符合Stack Overflow guidelines .它目前不接受答案。 这个问题似乎不是关于 a specific programming problem, a softwar
所以,我试图通过以下方式删除 GNOME sudo pacman -Rsn gnome 但我得到了错误 checking dependencies... :: removing networkmana
我知道使用 systemctl status 检查服务的特定状态并使用 systemctl enable 在系统启动时将服务置于自动启动状态。但是如何列出所有现有的自动启动服务? 最佳答案 对于系统和
1、配置pacman源 nano /etc/pacman.d/mirrorlist #编辑pacman源 找到## China,取消下面每行前面的注释,开启国内pacman源 ## China S
像许多弓箭手一样,我每天都使用pacman更新软件。 通常会有这样的更新: foo-1.1 ---> foo.1.2 我想知道是否有办法查看从foo-1.1更新为foo-1.2的内容,或发布说明错误修
slock 与 xfce 一起安装。 当我点击右上角的“锁定屏幕”时,屏幕变黑。按任意键,屏幕会变红,但如何取消呢? slock中没有解锁的UI? 最佳答案 我发现它只是在等待密码。输入正确的密码,屏
我正在通过 pacman -Ss boost-libs 安装 C++ boost 库。安装后,我想知道我的软件包安装在系统中的哪个位置。 有没有 pacman 命令可以做到这一点? 最佳答案 我现在不
Cat' 在我的 archlinux x64 上启动 mysqld。 Job for mysqld.service failed. See "systemctl status mysqld.servi
我在我的 ArchLinux 上安装了 mongodb,我想导出数据库。但我找不到命令 'mongoexport'。我使用 "find/-name 'mongo*' 但没有找到有关 mongoexpo
说明: 系统:Archlinux IP地址:192.168.21.170 子网掩码:255.255.255.0 网关:192.168.21.2 DNS:8.8.8.8 8.8.4.4
我的平板支撑有问题。不幸的是,我在 stackoverflow 或其他任何地方都找不到任何条目来解决我的问题。因此,我决定在这里提出一个新问题。 我的问题: 一些应用程序(.desktop 文件)在
2021-09-30 the Lets Encrypt certificate DST_ROOT_CA_X3 expired .我有一个较旧的 Archlinux 版本,现在无法通过对 Lets En
我从官方 Arch Linux 软件包存储库安装了 pgadmin4 (v4.4) 软件包。它一直有效,直到最近的更新。现在我无法添加新服务器。在浏览器中我得到了错误: http://127.0.0.
我想知道 yaourt 是否可以设置为始终对某些软件包使用 ABS(构建形式源)(因此,即使在执行完整系统升级时,它们也是从源构建的:yaourt -Syua)。 /etc/yaourtrc 中的 B
此文本显示在 intellij idea的运行选项卡。它是什么?我在谷歌搜索,但只有 gnome 解决方案。我正在使用 archlinux 和 kde5 等 ionic 最佳答案 运行: sudo p
嗨,我有一个基于 Swing 的 Java 应用程序,它在我的 Kali 发行版中的计算机上运行良好 我想在基于 ArchLinux 的 raspBerry pi3 b+ 中运行这个应用程序 jar,
我是一名优秀的程序员,十分优秀!