[tac_plus] tac_plus*** buffer overflow detected *** PROBLEM

Heasley heas at shrubbery.net
Sun Dec 26 20:00:17 UTC 2010 


On Dec 26, 2010, at 10:56, MSamir <my007ms at yahoo.com> wrote:

> The problem happen when i try to give read access to one group in all task group

Good info. Attach your full config to an email to me.
And, provide the output of bt from gdb -c corefile tacplusbinary. Might need to rebuild tacplus with gcc -g to get a useful backtrace. Thd trace below looks like its in libx, but thats not very useful. 
> 
> optional task = "r:route-policy,r:sbc,r:snmp,r:sonet-sdh,r:static,r:sysmgr,r:system,r:transport,r:tty-access,r:tunnel,r:vlan,r:vrrp,r:acl,r:admin,r:ancp,r:atm,rwxd:basic-services,r:bcdl,r:bfd,r:bgp,r:boot,r:bundle,r:cdp,r:cef,r:cgn,r:config-mgmt,r:config-services,r:crypto,r:diag,r:drivers,r:dwdm,r:eem,r:eigrp,r:ethernet-services,r:fabric,r:fault-mgr,r:filesystem,r:firewall,r:fr,r:hdlc,r:host-services,r:hsrp,r:interface,r:inventory,r:ip-services,r:ipv4,r:ipv6,r:isis,r:l2vpn,r:li,r:logging,r:lpts,r:monitor,r:mpls-ldp,r:mpls-static,r:mpls-te,r:multicast,r:netflow,r:network,r:ospf,r:ouni,r:pkg-mgmt,r:pos-dpt,r:ppp,r:qos,r:rib,r:rip,r:route-map"
> 
> 
> if i make line shorter it's start with no problem 
> i try edit  tac_plus.h and tacacs.h and change MAX_INPUT_LINE_LEN to be 2048 demon start with no problem however
> 
> show user tasks did not show the full list 
> 
> 
> 
> 
> * Restarting TACACS+ authentication daemon tacacs+                                                                                                          *** buffer overflow detected ***: /usr/sbin/tac_plus terminated
> ======= Backtrace: =========
> /lib/libc.so.6(__fortify_fail+0x37)[0x7f6daf475217]
> /lib/libc.so.6(+0xfe0d0)[0x7f6daf4740d0]
> /lib/libc.so.6(+0xfcf87)[0x7f6daf472f87]
> /usr/sbin/tac_plus[0x405f41]
> /usr/sbin/tac_plus[0x405f5c]
> /usr/sbin/tac_plus[0x4061d7]
> /usr/sbin/tac_plus[0x407615]
> /usr/sbin/tac_plus[0x40767c]
> /usr/sbin/tac_plus[0x412ce4]
> /usr/sbin/tac_plus[0x413175]
> /lib/libc.so.6(__libc_start_main+0xfd)[0x7f6daf394c4d]
> /usr/sbin/tac_plus[0x402de9]
> ======= Memory map: ========
> 00400000-0041b000 r-xp 00000000 08:01 173607                             /usr/sbin/tac_plus
> 0061a000-0061b000 r--p 0001a000 08:01 173607                             /usr/sbin/tac_plus
> 0061b000-0061c000 rw-p 0001b000 08:01 173607                             /usr/sbin/tac_plus
> 0061c000-0061f000 rw-p 00000000 00:00 0 
> 018e9000-0190a000 rw-p 00000000 00:00 0                                  [heap]
> 7f6daef5b000-7f6daef71000 r-xp 00000000 08:01 1569848                    /lib/libgcc_s.so.1
> 7f6daef71000-7f6daf170000 ---p 00016000 08:01 1569848                    /lib/libgcc_s.so.1
> 7f6daf170000-7f6daf171000 r--p 00015000 08:01 1569848                    /lib/libgcc_s.so.1
> 7f6daf171000-7f6daf172000 rw-p 00016000 08:01 1569848                    /lib/libgcc_s.so.1
> 7f6daf172000-7f6daf174000 r-xp 00000000 08:01 1573548                    /lib/libdl-2.11.1.so
> 7f6daf174000-7f6daf374000 ---p 00002000 08:01 1573548                    /lib/libdl-2.11.1.so
> 7f6daf374000-7f6daf375000 r--p 00002000 08:01 1573548                    /lib/libdl-2.11.1.so
> 7f6daf375000-7f6daf376000 rw-p 00003000 08:01 1573548                    /lib/libdl-2.11.1.so
> 7f6daf376000-7f6daf4f0000 r-xp 00000000 08:01 1573544                    /lib/libc-2.11.1.so
> 7f6daf4f0000-7f6daf6ef000 ---p 0017a000 08:01 1573544                    /lib/libc-2.11.1.so
> 7f6daf6ef000-7f6daf6f3000 r--p 00179000 08:01 1573544                    /lib/libc-2.11.1.so
> 7f6daf6f3000-7f6daf6f4000 rw-p 0017d000 08:01 1573544                    /lib/libc-2.11.1.so
> 7f6daf6f4000-7f6daf6f9000 rw-p 00000000 00:00 0 
> 7f6daf6f9000-7f6daf711000 r-xp 00000000 08:01 1573542                    /lib/libpthread-2.11.1.so
> 7f6daf711000-7f6daf910000 ---p 00018000 08:01 1573542                    /lib/libpthread-2.11.1.so
> 7f6daf910000-7f6daf911000 r--p 00017000 08:01 1573542                    /lib/libpthread-2.11.1.so
> 7f6daf911000-7f6daf912000 rw-p 00018000 08:01 1573542                    /lib/libpthread-2.11.1.so
> 7f6daf912000-7f6daf916000 rw-p 00000000 00:00 0 
> 7f6daf916000-7f6daf91f000 r-xp 00000000 08:01 1573530                    /lib/libcrypt-2.11.1.so
> 7f6daf91f000-7f6dafb1f000 ---p 00009000 08:01 1573530                    /lib/libcrypt-2.11.1.so
> 7f6dafb1f000-7f6dafb20000 r--p 00009000 08:01 1573530                    /lib/libcrypt-2.11.1.so
> 7f6dafb20000-7f6dafb21000 rw-p 0000a000 08:01 1573530                    /lib/libcrypt-2.11.1.so
> 7f6dafb21000-7f6dafb4f000 rw-p 00000000 00:00 0 
> 7f6dafb4f000-7f6dafb66000 r-xp 00000000 08:01 1573528                    /lib/libnsl-2.11.1.so
> 7f6dafb66000-7f6dafd65000 ---p 00017000 08:01 1573528                    /lib/libnsl-2.11.1.so
> 7f6dafd65000-7f6dafd66000 r--p 00016000 08:01 1573528                    /lib/libnsl-2.11.1.so
> 7f6dafd66000-7f6dafd67000 rw-p 00017000 08:01 1573528                    /lib/libnsl-2.11.1.so
> 7f6dafd67000-7f6dafd69000 rw-p 00000000 00:00 0 
> 7f6dafd69000-7f6dafd75000 r-xp 00000000 08:01 1569866                    /lib/libpam.so.0.82.2
> 7f6dafd75000-7f6daff74000 ---p 0000c000 08:01 1569866                    /lib/libpam.so.0.82.2
> 7f6daff74000-7f6daff75000 r--p 0000b000 08:01 1569866                    /lib/libpam.so.0.82.2
> 7f6daff75000-7f6daff76000 rw-p 0000c000 08:01 1569866                    /lib/libpam.so.0.82.2
> 7f6daff76000-7f6daff7a000 r-xp 00000000 08:01 173604                     /usr/lib/libtacacs.so.1.0.0
> 7f6daff7a000-7f6db0179000 ---p 00004000 08:01 173604                     /usr/lib/libtacacs.so.1.0.0
> 7f6db0179000-7f6db017a000 r--p 00003000 08:01 173604                     /usr/lib/libtacacs.so.1.0.0
> 7f6db017a000-7f6db017b000 rw-p 00004000 08:01 173604                     /usr/lib/libtacacs.so.1.0.0
> 7f6db017b000-7f6db0184000 r-xp 00000000 08:01 1573926                    /lib/libwrap.so.0.7.6
> 7f6db0184000-7f6db0383000 ---p 00009000 08:01 1573926                    /lib/libwrap.so.0.7.6
> 7f6db0383000-7f6db0384000 r--p 00008000 08:01 1573926                    /lib/libwrap.so.0.7.6
> 7f6db0384000-7f6db0385000 rw-p 00009000 08:01 1573926                    /lib/libwrap.so.0.7.6
> 7f6db0385000-7f6db0386000 rw-p 00000000 00:00 0 
> 7f6db0386000-7f6db03a6000 r-xp 00000000 08:01 1573529                    /lib/ld-2.11.1.so
> 7f6db0595000-7f6db059a000 rw-p 00000000 00:00 0 
> 7f6db05a2000-7f6db05a5000 rw-p 00000000 00:00 0 
> 7f6db05a5000-7f6db05a6000 r--p 0001f000 08:01 1573529                    /lib/ld-2.11.1.so
> 7f6db05a6000-7f6db05a7000 rw-p 00020000 08:01 1573529                    /lib/ld-2.11.1.so
> 7f6db05a7000-7f6db05a8000 rw-p 00000000 00:00 0 
> 7fff1c651000-7fff1c666000 rw-p 00000000 00:00 0                          [stack]
> 7fff1c695000-7fff1c696000 r-xp 00000000 00:00 0                          [vdso]
> ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
> Aborted
> 
> 
> --- On Sun, 12/26/10, john heasley <heas at shrubbery.net> wrote:
> 
>> From: john heasley <heas at shrubbery.net>
>> Subject: Re: [tac_plus] tac_plus*** buffer overflow detected *** PROBLEM
>> To: "MSamir" <my007ms at yahoo.com>
>> Cc: tac_plus at shrubbery.net
>> Date: Sunday, December 26, 2010, 1:06 PM
>> Sat, Dec 25, 2010 at 11:24:11PM
>> -0800, MSamir:
>>> hello Yagnesh,
>>> i face the same problem did you solve it ?
>>> it's happen when i have very long line i guess there
>> is limit in config file parser 
>> 
>> the supplied config file works for me, so its something
>> particular to your
>> system or build.  supply a backtrace from the core
>> file.
>> 
> 
> 
>

More information about the tac_plus mailing list