guacamole-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Jumper (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GUACAMOLE-194) Double free() in guac_common_ssh_destroy_user()
Date Sun, 26 Feb 2017 23:13:45 GMT

    [ https://issues.apache.org/jira/browse/GUACAMOLE-194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15884966#comment-15884966
] 

Michael Jumper commented on GUACAMOLE-194:
------------------------------------------

Looks like both VNC and RDP will double-free the SFTP user if client initialization fails:
first within the init routine when it fails, and then again when the client itself is being
cleaned up.

> Double free() in guac_common_ssh_destroy_user()
> -----------------------------------------------
>
>                 Key: GUACAMOLE-194
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-194
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacd
>    Affects Versions: 0.9.10-incubating
>         Environment: guacd docker container on ubuntu and debian
>            Reporter: Robin
>            Assignee: Michael Jumper
>         Attachments: GATEWAY1-logs.zip, GATEWAY2-logs.zip, guacd-stack trace.txt
>
>
> We are heavy users of the RDP feature with SSH/SFTP for file downloads and uploads. 
We are seeing frequent guacd crashes, even the first session log off can cause a crash. 
> After a few sessions (Sometimes hundreds, often thousands)  the container becomes unstable,
causes very high system load and no new connections via guacamole are possible.  We typically
also see the virtual docker Ethernet adapter enter the disabled state.
> {code:none|title=https://github.com/apache/incubator-guacamole-server/blob/d831a4b9dfee685d2c00f83dabff59d0be917496/src/common-ssh/guac_ssh_user.c}
> void guac_common_ssh_destroy_user(guac_common_ssh_user* user) {
>     /* Free private key, if present */
>     if (user->private_key != NULL)
>         guac_common_ssh_key_free(user->private_key);
>     /* Free all other data */
>     free(user->password);
>     free(user->username);
>     free(user);
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message