# commons-issues mailing list archives

##### Site index · List index
Message view
Top
From "Mikhail Dobrinin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DAEMON-341) prunsrv injects garbage into ImagePath
Date Fri, 04 Nov 2016 22:18:59 GMT

[ https://issues.apache.org/jira/browse/DAEMON-341?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15637878#comment-15637878
]

Mikhail Dobrinin commented on DAEMON-341:
-----------------------------------------

Unfortunately I don't have access to the exact environment where this was observed. However,
here is the best information I can provide:
* I can say that I was not able to reproduce this on other machines (only on Windows Serevr
2008 not R2). Likewise, when it is reproducible, it is reproducible every time.
* We did an environment variable dump at the time and did not see anything pointing to log
files, or any non-ascii characters in the names or values ($^\x00-\x7F$). Note that I am
talking about the environment variables in the shell process. The actual command to reproduce
this was boiled down to the simple example you see above (without any ++Environment, --JVM,
or any other arguments).
* Each time that I saw this, it would appear that the garbage is part of a path to a log file,
but as you can can see in the above example that the "g" in "log" is changed to a "ɥ". The
full command that we would be executing in production would set the "\-\-LogPath" and "\-\-LogPrefix"
arguments and the directory to which it would point actually would usually contain log files
with dates as seen in the example "...10-08.log". However, these log files were not passed
as arguments to the prunsrv command and were not seen in the environment variable dumps. On
top of that, I was able to reproduce it with very simple commands to prunsrv that don't pass
there arguments. I am thinking they may have been incidentally been nearby in the memory and
this may be some kind of buffer overflow issue.

> prunsrv injects garbage into ImagePath
> --------------------------------------
>
>                 Key: DAEMON-341
>                 URL: https://issues.apache.org/jira/browse/DAEMON-341
>             Project: Commons Daemon
>          Issue Type: Bug
>          Components: Procrun
>    Affects Versions: 1.0.15
>         Environment: Windows Server 2008 (not R2)
>            Reporter: Mikhail Dobrinin
>
> Here is a reproducible example that works every time:
> {noformat}
> prunsrv.exe //IS//abcd.branch2 --StartMode=jvm --StartClass=abc.abcdefghih.abcd.abcdef.abcd.MyImportantClass
--StartMethod=startService ++StartParams=abcd.branch2
> {noformat}
> The ImagePath entry for the service ends up being:
> {noformat}
> C:\path\to\prunsrv.exe 12-08.loɥ//RS//abcd.branch2
> {noformat}
> As you see, there is garbage inserted in front of the {{//RS//}} string.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)


Mime
View raw message