search

CESNET / netopeer2

NETCONF toolset
BSD 3-Clause "New" or "Revised" License
301 stars 189 forks source link

Segfault during "edit-config --defop replace" if having an invalid "inet:domain-name;" in the config.xml #1400

Closed qupfer closed 1 year ago

qupfer commented 1 year ago

Hi, during some experiments with valid/invalid configdata, I run in an reproducible error, which crashs the netopeer2-server.

Steps to reproduce:

  1. import YANG which use type inet:domain-name; (not sure if its related to inet:domain-name; or invalid data at all)
curl -O https://github.com/YangModels/yang/blob/main/experimental/ietf-extracted-YANG-modules/ietf-system%402014-05-14.yang
sysrepoctl -i ietf-system%402014-05-14.yang

  1. create a invalid config (new line in the hostname)

    cat  <<EOF > invalid.xml
<system xmlns="urn:ietf:params:xml:ns:yang:ietf-system">
<hostname>
abc</hostname>
</system>
EOF

  2. start netopeer2-server

  3. run netopeer2-cli and connect to server and run:

    edit-config --config=invalid.xml --target running --defop merge

    (correct validation error appears)

  4. now run:

    edit-config --config=invalid.xml --target running --defop replace

    netopeer2-server crashs with a segfault

maybe a small hint

[Current thread is 1 (Thread 0x7f1ad4196700 (LWP 79333))]
Missing separate debuginfos, use: yum debuginfo-install netopeer2-server-2.1.59.2.g8b6a8e1-1.el8.x86_64
(gdb) info stack 
#0  0x00007f1adadb97ca in sr_edit_find () from /lib64/libsysrepo.so.7
#1  0x00007f1adadbd161 in sr_edit_apply_r () from /lib64/libsysrepo.so.7
#2  0x00007f1adadbdf8e in sr_edit_mod_apply () from /lib64/libsysrepo.so.7
#3  0x00007f1adadb44a5 in sr_modinfo_edit_apply () from /lib64/libsysrepo.so.7
#4  0x00007f1adad9c810 in sr_apply_changes () from /lib64/libsysrepo.so.7
#5  0x000055e7933fa244 in np2srv_rpc_editconfig_cb ()
#6  0x00007f1adadd145d in sr_shmsub_rpc_listen_call_callback () from /lib64/libsysrepo.so.7
#7  0x00007f1adadd7bbe in sr_shmsub_rpc_listen_process_rpc_events () from /lib64/libsysrepo.so.7
#8  0x00007f1adad9d6be in sr_subscription_process_events () from /lib64/libsysrepo.so.7
#9  0x00007f1adadd8a92 in sr_shmsub_listen_thread () from /lib64/libsysrepo.so.7
#10 0x00007f1adb3301cf in start_thread () from /lib64/libpthread.so.0
#11 0x00007f1ada9fde73 in clone () from /lib64/libc.so.6
(gdb) quit
michalvasko commented 1 year ago

I have failed to reproduce it when using the current devel branches of all the libraries so it has most likely been fixed.

qupfer commented 1 year ago

Great, thanks. I will try these.