Closed machste closed 3 years ago
Stefan, Thank you - will investigate.
-Rob
Robert Sanders Senior Secure Systems Engineer – G2CI, North America
Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com
From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Monday, February 22, 2021 at 10:11 AM To: dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)
Hi all,
I found the following issue with the libcli. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:
$ telnet 127.0.0.1 8000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
libcli test environment
Username: fred
Password:
router> enable
Password:
router# configure terminal
router(config)# interface test0/0
router(config-test)# interface
At this point, the CLI hang and won't return a prompt.
Best regards, Stefan Mächler
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFZQDOEVDIL7BA6VLO3TAJX2DANCNFSM4YAWBWLQ.
Stefan, Found it, problem has been around since V1.10.0. When the internal routine ‘cli_find_command()’ was refactored into ‘cli_int_locate_command()’ one line was missed. We haven’t seen it in our internal application because our ‘command modes’ are not purely hierarchical, but instead totally distinct. By this I mean a command must be located w/in the current command mode, or be marked as MODE_ANY, in order to be selectable. To do this we use negative command modes. Anyway, the missing line would have forced the command mode to be the mode of the ‘matching’ command from a different mode. Without this change the code looped forever trying to find a matching command. Will queue up a patch and submit shortly...
-Rob
Robert Sanders Senior Secure Systems Engineer – G2CI, North America
Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com
From: "Sanders, Robert" rsanders@forcepointgov.com Date: Monday, February 22, 2021 at 10:29 AM To: dparrish/libcli reply@reply.github.com, dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: Re: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)
Stefan, Thank you - will investigate.
-Rob
Robert Sanders Senior Secure Systems Engineer – G2CI, North America
Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com
From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Monday, February 22, 2021 at 10:11 AM To: dparrish/libcli libcli@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: EXTERNAL: [dparrish/libcli] Endless Loop During Command Search (#69)
Hi all,
I found the following issue with the libcli. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:
$ telnet 127.0.0.1 8000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
libcli test environment
Username: fred
Password:
router> enable
Password:
router# configure terminal
router(config)# interface test0/0
router(config-test)# interface
At this point, the CLI hang and won't return a prompt.
Best regards, Stefan Mächler
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFZQDOEVDIL7BA6VLO3TAJX2DANCNFSM4YAWBWLQ.
Stefan, have an pull request pending with the bug fix for your issue if you want to test. This will also bump the version to V1.10.6
Hi Rob, thank you for reacting so fast. :-) Stefan
No worries - advance notice that 1.10.7 is forthcoming - someone on my team just found an issue with the change I did in 1.10.5 for formatting the help message for a command with a long name (greater than 20 odd characters) - affects the help display for showing possible completions of options/arguments....Not a fatal bug, but produces an extra linefeed on each line.....
Hope to have that fixed today or tomorrow -
Robert Sanders Senior Secure Systems Engineer – G2CI, North America
Forcepoint O: +1.703-896-4762 www.forcepoint.comhttp://www.forcepoint.com
From: Stefan Mächler notifications@github.com Reply-To: dparrish/libcli reply@reply.github.com Date: Wednesday, February 24, 2021 at 8:10 AM To: dparrish/libcli libcli@noreply.github.com Cc: Rob Sanders rsanders@forcepoint.com, Comment comment@noreply.github.com Subject: EXTERNAL: Re: [dparrish/libcli] Endless Loop During Command Search (#69)
Hi Rob, thank you for reacting so fast. :-) Stefan
— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/dparrish/libcli/issues/69#issuecomment-785063721, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHHFTFYJ37HQOMRB7I7CFW3TAT3ENANCNFSM4YAWBWLQ.
Fixed in V1.10.6
Hi all,
I found the following issue with the
libcli
. Entering a mode and issuing the same command by mistake, causes the main loop to hang forever. This can be simply reproduced with the test program, as shown below:At this point, the CLI hangs and won't return a prompt.
I did some research by myself and think there's something wrong here: https://github.com/dparrish/libcli/blob/b6ff35cbaca196a9b6ea25dc50068babaa6b4aa2/libcli.c#L2913
As a workaround, I removed this check and it works for me so far.
Best regards, Stefan Mächler