Supernode crash when creating dynamic keys for username-password auth

[aarojun]

Hey, This is a repeat of the following issue: https://github.com/ntop/n2n/issues/1161 Testing on a Windows 11 machine this happens on both n3n 3.3.4 and n2n 3.1.1 binaries with minimal config settings.

If username/password auth is enabled and community.list has any users listed the supernode process closes after announcing it is calculating dynamic keys. e.g. the following is ran and the program closes with no error code.

n3n-supernode.exe start dynkey_test
14/May/2024 11:13:11 [src/sn_utils.c:433] added allowed community 'N3Ngroup' [total: 1]
14/May/2024 11:13:11 [src/sn_utils.c:1430] assigned sub-network 10.114.25.0/24 to community 'N3Ngroup'
14/May/2024 11:13:11 [src/sn_utils.c:378] added user 'Tester' with public key 'Sb7i-eKf3csny8Ai3aQGq+piopwrxBH-iUFzAONioWy' to community 'N3Ngroup'
14/May/2024 11:13:11 [src/sn_utils.c:479] loaded 1 fixed-name communities from community.list
14/May/2024 11:13:11 [src/sn_utils.c:482] loaded 0 regular expressions for community name matching from community.list
14/May/2024 11:13:11 [src/sn_utils.c:147] started shared secrets calculation for edge authentication
14/May/2024 11:13:11 [src/sn_utils.c:163] calculated shared secrets for edge authentication
14/May/2024 11:13:11 [src/sn_utils.c:172] calculating dynamic keys

community.list

N3Ngroup
* Tester Sb7i-eKf3csny8Ai3aQGq+piopwrxBH-iUFzAONioWy

dynkey_test.conf

[community]
key=EncryKey
cipher=ChaCha20

[connection]
bind=6777

[logging]
verbose=4

[supernode]
community_file=community.list
federation=N3Nfed

auto_ip_max=10.114.26.0/24
auto_ip_min=10.114.25.0/24

[aarojun]

For more context: Windows Event Viewer reports this Error as exception code 0xc0000374 (Heap Corruption) for module ntdll.dll

Faulting application name: n3n-supernode.exe, version: 0.0.0.0, time stamp: 0x663c8682
Faulting module name: ntdll.dll, version: 10.0.22621.3374, time stamp: 0xeae8eecc
Exception code: 0xc0000374
Fault offset: 0x000000000010c169

Watching ProcessMonitor this appears to happen soon after the supernode closes the community.list file.

Using WinDbg and running !analyze -v on crash .dmp file:

``` ******************************************************************************* * * * Exception Analysis * * * ******************************************************************************* *** WARNING: Check Image - Checksum mismatch - Dump: 0x21eed5, File: 0x21b96e - C:\ProgramData\Dbg\sym\ntdll.dll\EAE8EECC216000\ntdll.dll KEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 453 Key : Analysis.Elapsed.mSec Value: 13464 Key : Analysis.IO.Other.Mb Value: 15 Key : Analysis.IO.Read.Mb Value: 2 Key : Analysis.IO.Write.Mb Value: 18 Key : Analysis.Init.CPU.mSec Value: 46 Key : Analysis.Init.Elapsed.mSec Value: 16271 Key : Analysis.Memory.CommitPeak.Mb Value: 81 Key : Failure.Bucket Value: HEAP_CORRUPTION_ACTIONABLE_BlockNotBusy_DOUBLE_FREE_c0000374_ntdll.dll!RtlpFreeHeapInternal Key : Failure.Hash Value: {f9e860eb-b03f-7415-804c-7e671e26c730} Key : Timeline.OS.Boot.DeltaSec Value: 3600 Key : Timeline.Process.Start.DeltaSec Value: 2 Key : WER.OS.Branch Value: ni_release Key : WER.OS.Version Value: 10.0.22621.1 FILE_IN_CAB: n3n-supernode.exe.20332.dmp NTGLOBALFLAG: 0 APPLICATION_VERIFIER_FLAGS: 0 CONTEXT: (.ecxr) rax=000000000000c000 rbx=00000000c0000374 rcx=000002a3f9210001 rdx=000002a3f9210c38 rsi=0000000000000001 rdi=00007ffdd97328b0 rip=00007ffdd96bc169 rsp=000000b2f21fe320 rbp=000002a3f9315c00 r8=000002a3f9210c38 r9=0000000000000000 r10=000002a3f92104f8 r11=0000000000000000 r12=0000000000000000 r13=000002a3f9310000 r14=000002a3f93117e8 r15=0000000000000000 iopl=0 nv up ei pl nz na pe nc cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202 ntdll!RtlReportFatalFailure+0x9: 00007ffd`d96bc169 eb00 jmp ntdll!RtlReportFatalFailure+0xb (00007ffd`d96bc16b) Resetting default scope EXCEPTION_RECORD: (.exr -1) ExceptionAddress: 00007ffdd96bc169 (ntdll!RtlReportFatalFailure+0x0000000000000009) ExceptionCode: c0000374 ExceptionFlags: 00000081 NumberParameters: 1 Parameter[0]: 00007ffdd97328b0 PROCESS_NAME: n3n-supernode.exe ERROR_CODE: (NTSTATUS) 0xc0000374 - A heap has been corrupted. EXCEPTION_CODE_STR: c0000374 EXCEPTION_PARAMETER1: 00007ffdd97328b0 ADDITIONAL_DEBUG_TEXT: Followup set based on attribute [Heap_Error_Type] from Frame:[0] on thread:[PSEUDO_THREAD] ; Followup set based on attribute [Is_ChosenCrashFollowupThread] from Frame:[0] on thread:[PSEUDO_THREAD] FAULTING_THREAD: ffffffff STACK_TEXT: 00000000`00000000 00000000`00000000 ntdll!RtlpFreeHeapInternal+0x0 STACK_COMMAND: !heap ; ** Pseudo Context ** ManagedPseudo ** Value: ffffffff ** ; kb SYMBOL_NAME: ntdll!RtlpFreeHeapInternal+0 MODULE_NAME: ntdll IMAGE_NAME: ntdll.dll FAILURE_BUCKET_ID: HEAP_CORRUPTION_ACTIONABLE_BlockNotBusy_DOUBLE_FREE_c0000374_ntdll.dll!RtlpFreeHeapInternal OS_VERSION: 10.0.22621.1 BUILDLAB_STR: ni_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 IMAGE_VERSION: 10.0.22621.3374 FAILURE_ID_HASH: {f9e860eb-b03f-7415-804c-7e671e26c730} Followup: MachineOwner --------- ```

[hamishcoleman]

Thank you for your clear and concise reproduction steps - that was very helpful.

I believe I have addressed this bug in 51eb3d7b9419 - are you able to test the windows binaries from https://github.com/hamishcoleman/n3n/actions/runs/9088706213/artifacts/1503386924 ?

[aarojun]

Thank you! The issue is fixed with these binaries and I was able to get a supernode running with successful edge connections.

[hamishcoleman]

Great to hear. Thanks for confirming that.

I will make a new bugfix release with this change shortly.