search

dparrish / libcli

Libcli provides a shared library for including a Cisco-like command-line interface into other software. It's a telnet interface which supports command-line editing, history, authentication and callbacks for a user-definable function tree.
https://dparrish.com/link/libcli
GNU Lesser General Public License v2.1
296 stars 147 forks source link

Endless Loop During Command Search #69

Closed machste closed 3 years ago

machste commented 3 years ago

Hi all,

I found the following issue with the libcli. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:

$ telnet 127.0.0.1 8000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
libcli test environment

Username: fred
Password:  

router> enable
Password: 
router# configure terminal 

router(config)# interface test0/0

router(config-test)# interface

At this point, the CLI hangs and won't return a prompt.

I did some research by myself and think there's something wrong here: https://github.com/dparrish/libcli/blob/b6ff35cbaca196a9b6ea25dc50068babaa6b4aa2/libcli.c#L2913

As a workaround, I removed this check and it works for me so far.

Best regards, Stefan Mächler

RobSanders commented 3 years ago

Stefan, Thank you - will investigate.

-Rob

Robert Sanders Senior Secure Systems Engineer – G2CI, North America

Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com

From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Monday, February 22, 2021 at 10:11 AM To: dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)

Hi all,

I found the following issue with the libcli. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:

$ telnet 127.0.0.1 8000

Trying 127.0.0.1...

Connected to 127.0.0.1.

Escape character is '^]'.

libcli test environment

Username: fred

Password:

router> enable

Password:

router# configure terminal

router(config)# interface test0/0

router(config-test)# interface

At this point, the CLI hang and won't return a prompt.

Best regards, Stefan Mächler

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFZQDOEVDIL7BA6VLO3TAJX2DANCNFSM4YAWBWLQ.

RobSanders commented 3 years ago

Stefan, Found it, problem has been around since V1.10.0. When the internal routine ‘cli_find_command()’ was refactored into ‘cli_int_locate_command()’ one line was missed. We haven’t seen it in our internal application because our ‘command modes’ are not purely hierarchical, but instead totally distinct. By this I mean a command must be located w/in the current command mode, or be marked as MODE_ANY, in order to be selectable. To do this we use negative command modes. Anyway, the missing line would have forced the command mode to be the mode of the ‘matching’ command from a different mode. Without this change the code looped forever trying to find a matching command. Will queue up a patch and submit shortly...

-Rob

Robert Sanders Senior Secure Systems Engineer – G2CI, North America

Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com

From: "Sanders, Robert" rsanders@forcepointgov.com Date: Monday, February 22, 2021 at 10:29 AM To: dparrish/libcli reply@reply.github.com, dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: Re: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)

Stefan, Thank you - will investigate.

-Rob

Robert Sanders Senior Secure Systems Engineer – G2CI, North America

Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com

From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Monday, February 22, 2021 at 10:11 AM To: dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)

Hi all,

I found the following issue with the libcli. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:

$ telnet 127.0.0.1 8000

Trying 127.0.0.1...

Connected to 127.0.0.1.

Escape character is '^]'.

libcli test environment

Username: fred

Password:

router> enable

Password:

router# configure terminal

router(config)# interface test0/0

router(config-test)# interface

At this point, the CLI hang and won't return a prompt.

Best regards, Stefan Mächler

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFZQDOEVDIL7BA6VLO3TAJX2DANCNFSM4YAWBWLQ.

RobSanders commented 3 years ago

Stefan, have an pull request pending with the bug fix for your issue if you want to test. This will also bump the version to V1.10.6

machste commented 3 years ago

Hi Rob, thank you for reacting so fast. :-) Stefan

RobSanders commented 3 years ago

No worries - advance notice that 1.10.7 is forthcoming - someone on my team just found an issue with the change I did in 1.10.5 for formatting the help message for a command with a long name (greater than 20 odd characters) - affects the help display for showing possible completions of options/arguments....Not a fatal bug, but produces an extra linefeed on each line.....

Hope to have that fixed today or tomorrow -

Robert Sanders Senior Secure Systems Engineer – G2CI, North America

Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com

From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Wednesday, February 24, 2021 at 8:10 AM To: dparrish/libcli libcli@noreply.github.com Cc: Rob Sanders rsanders@forcepoint.com, Comment comment@noreply.github.com Subject: EXTERNAL: Re: [dparrish/libcli] Endless Loop During Command Search (#69)

Hi Rob, thank you for reacting so fast. :-) Stefan

— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69#issuecomment-785063721, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFYJ37HQOMRB7I7CFW3TAT3ENANCNFSM4YAWBWLQ.

RobSanders commented 3 years ago

Fixed in V1.10.6