From 44dcf4731d5a6db8f12ca5a969c02b98a33a6ed4 Mon Sep 17 00:00:00 2001 From: Eric Bollengier Date: Mon, 12 Sep 2016 17:48:08 +0200 Subject: [PATCH] Fix #2085 About director segfault in cram-md5 function The socket is not supposed to be NULL at that point. BSOCK::recv (this=0x0) at bsock.c:795 in cram_md5_respond (bs=0x0, password=0x7f0961a939c8 "336e56dd67724e551c983a1c50c1f51f", tls_remote_need=, compatible=0x7f09a53e0a68) at cram-md5.c:155 in authenticate_storage_daemon (jcr=0x1469218, store=0x7f0961a93a28) at authenticate.c:98 in connect_to_storage_daemon (jcr=0x1469218, retry_interval=10, max_retry_time=1800, verbose=1) at msgchan.c:133 in do_backup (jcr=0x1469218) at backup.c:498 --- bacula/src/dird/authenticate.c | 5 +++++ bacula/src/dird/msgchan.c | 4 ++++ bacula/src/lib/cram-md5.c | 10 ++++++++++ 3 files changed, 19 insertions(+) diff --git a/bacula/src/dird/authenticate.c b/bacula/src/dird/authenticate.c index e0eb7aca01..0dce7ef5db 100644 --- a/bacula/src/dird/authenticate.c +++ b/bacula/src/dird/authenticate.c @@ -67,6 +67,11 @@ bool authenticate_storage_daemon(JCR *jcr, STORE *store) int compatible = true; bool auth_success = false; + if (!sd) { + Dmsg0(dbglvl, "Invalid bsock\n"); + return false; + } + /* * Send my name to the Storage daemon then do authentication */ diff --git a/bacula/src/dird/msgchan.c b/bacula/src/dird/msgchan.c index 1f227bbd93..ee5f636c9d 100644 --- a/bacula/src/dird/msgchan.c +++ b/bacula/src/dird/msgchan.c @@ -123,6 +123,10 @@ bool connect_to_storage_daemon(JCR *jcr, int retry_interval, sd->set_source_address(director->DIRsrc_addr); if (!sd->connect(jcr, retry_interval, max_retry_time, heart_beat, _("Storage daemon"), store->address, NULL, store->SDport, verbose)) { + + if (!jcr->store_bsock) { /* The bsock was locally created, so we free it here */ + free_bsock(sd); + } sd = NULL; } diff --git a/bacula/src/lib/cram-md5.c b/bacula/src/lib/cram-md5.c index 035983a9df..facdbe0087 100644 --- a/bacula/src/lib/cram-md5.c +++ b/bacula/src/lib/cram-md5.c @@ -50,6 +50,11 @@ bool cram_md5_challenge(BSOCK *bs, const char *password, int tls_local_need, int char host[MAXSTRING]; uint8_t hmac[20]; + if (!bs) { + Dmsg0(dbglvl, "Invalid bsock\n"); + return false; + } + gettimeofday(&t1, &tz); for (i=0; i<4; i++) { gettimeofday(&t2, &tz); @@ -110,6 +115,11 @@ bool cram_md5_respond(BSOCK *bs, const char *password, int *tls_remote_need, int char chal[MAXSTRING]; uint8_t hmac[20]; + if (!bs) { + Dmsg0(dbglvl, "Invalid bsock\n"); + return false; + } + *compatible = false; if (bs->recv() <= 0) { bmicrosleep(5, 0); -- 2.39.5