Bugzilla – Bug 4979
Escaped double quotes not handled correctly
Last modified: 2008-08-11 15:22:37
You need to
before you can comment on or make changes to this bug.
If escaped (double) quotes or similar escaped characters are used in a
"/O=GermanGrid/OU=DESY/CN=\" Name Suppressed\"" myaccnt
this puts the gridmap_parse_line routine in an innifite loop. As a result, any
service using these routines will start eating CPU and never return. Within
minutes, this leads to an almost infinite load on the server in question.
* all services (gatekeeper, gridftp, both plain globus and EDG versions) that
use the "globus_i_gss_assist_gridmap_parse_line" call
* all services and libraries that use code directly derived from this original
GT1.x/GT2 code (such as the LCAS and LCMAPS plug-ins in both their LCG and
* all GT software using routines derived from this code, including the GT4.x
gatekeeper, the workspace service (in .../adduser/source/gridmap.c), possibly
gridFTP as well.
This behaviour has been confirmed on the lcg-CE using the (edg-)gatekeeper
(using an attached debugger), as well as against a plain unmodified GT4.0.2
pre-WS gatekeeper build.
The code suffered from an "off-by-one" error in resognising the escaped quote
characters. It should read like (whitespace compacted):
if (strchr(QUOTING_CHARS, *line) != NULL)
dn_end = line;
/* BUG RESOLV LINE BELOW: are we on an escaped quote? */
if (strchr(ESCAPING_CHARS, *(dn_end - 1))) dn_end++;
dn_end += strcspn(dn_end, QUOTING_CHARS);
if (*dn_end == NUL)
return EXIT_FAILURE; /* of the equivalent goto error; */
/* Make sure it's not escaped */
while (strchr(ESCAPING_CHARS, *(dn_end - 1)) != NULL);
with the extra strchr(3) check before the strcspn(3).
This error needs to be propagated to Globus as well.
Fix committed to trunk and 4_0 branch
fix committed to 3_2 branch as well and the update package for 4.0.3 and 3.2.1
available in the globus advisories web page