PhDLeToanThang / cloudedge

script guacamole 1.5.x
https://hol.cloud.edu.vn
Apache License 2.0

Starting/joining an RDP connection may segfault depending on timing of underlying RDP/SFTP connection(s) #7

Closed PhDLeToanThang closed 7 months ago

PhDLeToanThang commented 7 months ago

If a user joins an RDP connection leveraging Guacamole's session sharing functionality, but the underlying connection to the RDP server has not yet been established, a segfault may occur while handling the join operation:

```
1 0x000055da270e5de9 in guac_common_list_lock (list=) at list.c:75
2 0x00007f8bb956c5cb in guac_rdp_pipe_svc_send_pipes (user=user@entry=0x7f8bac00d5e0) at channels/pipe-svc.c:49
3 0x00007f8bb957a0cb in guac_rdp_user_join_handler (user=0x7f8bac00d5e0, argc=, argv=) at user.c:92
4 0x00007f8bbb1d134a in guac_client_add_user (client=client@entry=0x7f8b280060e0, user=user@entry=0x7f8bac00d5e0, argc=argc@entry=76,
    argv=<optimized out>) at client.c:286
5 0x00007f8bbb1d8bea in guac_user_handle_connection (user=user@entry=0x7f8bac00d5e0, usec_timeout=usec_timeout@entry=15000000)
    at user-handshake.c:337
6 0x000055da270e5a96 in guacd_user_thread (data=0x7f8b280ad010) at proc.c:98
7 0x00007f8bbade2fa3 in start_thread (arg=) at pthread_create.c:486
8 0x00007f8bba71f4cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
```

This is because the relevant structure (rdp_client->available_svc) is not actually allocated until later in the RDP-specific connection initialization process, which occurs in its own thread spawned by the connection owner. If that allocation has not yet occurred, the attempt to synchronize the newly-joined user with the current session state will result in a segfault.

Original context:

I am running guacd from docker on an Ubuntu 20.04 host. Connections to guacd are from a custom backend using the official guacamole-common 1.1.0 maven artifact with a websocket.

To demonstrate stuff (teaching), multiple connections (10-12) are opened as shared sessions with the read-only property set after a leading session is opened and the connection id is propagated. The shared connections are all opened simultaneously - and closed (more or less) simultaneously, often together with the leading session.

Shared drive is disabled.

Most of the time it works flawlessly, until guacd segfaults.

PhDLeToanThang commented 7 months ago

After the feedback from https://issues.apache.org/jira/browse/GUACAMOLE-1203 I thought the following information might be helpful:

- Target machine is Ubuntu Linux 20.04 with xrdp
- Desktop is xfce
- Shared applications are mostly just web browser and a Java-based IDE (IDEA or WebStorm)
- Audio is not enabled; printer, clipboard, file sharing are not enabled

The issue seems to have disappeared after adding synchronization in the Java app providing access to guacd (websocket/http).
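The ordering problem described in this issue, as an added example that is not part of the original report and is not guacd source: a toy C model contrasting late allocation in the connection thread with allocation at client init, plus a join handler that refuses to lock a list that does not exist yet. Every name except `available_svc` is hypothetical, and moving the allocation to init is an assumed remedy, not one the thread states.

```c
/* Toy model of the ordering problem; hypothetical names, not guacd source. */
#include <pthread.h>
#include <stdlib.h>

typedef struct svc_list {
    pthread_mutex_t lock;
    int pipes;                      /* open pipe channels to replay to joiners */
} svc_list;

typedef struct rdp_client {
    svc_list* available_svc;        /* NULL until someone allocates it */
} rdp_client;

#define JOIN_NOT_READY (-1)

static svc_list* svc_list_alloc(void) {
    svc_list* list = calloc(1, sizeof(*list));
    if (list != NULL)
        pthread_mutex_init(&list->lock, NULL);
    return list;
}

/* Ordering from the report: the list only appears once the owner's
 * connection thread gets this far, so a fast joiner can still see NULL. */
static void connection_thread_late_alloc(rdp_client* client) {
    if (client->available_svc == NULL)
        client->available_svc = svc_list_alloc();
}

/* Assumed remedy: allocate during client init, before any user
 * (owner or joiner) can reach the join handler. */
static int client_init_eager(rdp_client* client) {
    client->available_svc = svc_list_alloc();
    return client->available_svc != NULL ? 0 : -1;
}

/* Join-time sync. Locking through a missing list is the crash in the
 * backtrace; the NULL check turns it into a refused join. The check alone
 * does not order the pointer write, so eager allocation is still needed. */
static int join_sync_pipes(rdp_client* client) {
    svc_list* list = client->available_svc;
    if (list == NULL)
        return JOIN_NOT_READY;
    pthread_mutex_lock(&list->lock);
    int pipes = list->pipes;        /* real code would send each pipe here */
    pthread_mutex_unlock(&list->lock);
    return pipes;
}
```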