search

qxmpp-project / qxmpp

Cross-platform C++ XMPP client and server library
401 stars 197 forks source link

Aborted(core dump) on server example #541

Closed EMHussain closed 1 year ago

EMHussain commented 1 year ago

Server example example_8_server.cpp failed with following output. QT version:QT 6.4.2 with ssl 3.0.2.

Wed Mar 1 15:53:09 2023 INFO Incoming client connection from ::ffff:127.0.0.1 46702
Wed Mar 1 15:53:09 2023 RECEIVED <?xml version='1.0'?><stream:stream to='0.0.0.0' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
Wed Mar 1 15:53:09 2023 SENT <?xml version='1.0'?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" id="3e020741-b155-45a9-b843-cc7a37dd5cce" from="0.0.0.0" version="1.0" xml:lang="en">
Wed Mar 1 15:53:09 2023 SENT <stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms></stream:features>
Wed Mar 1 15:53:09 2023 RECEIVED <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5"/>
Wed Mar 1 15:53:09 2023 SENT <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">YWxnb3JpdGhtPW1kNS1zZXNzLGNoYXJzZXQ9dXRmLTgsbm9uY2U9IjVjSitLeVdJVXcwaWU5RzlNWE81MnNMQzdvT3hrRVRoTTNUblRHM1ZiQmc9Iixxb3A9YXV0aCxyZWFsbT0wLjAuMC4w</challenge>
Wed Mar 1 15:53:09 2023 RECEIVED <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Y2hhcnNldD11dGYtOCxjbm9uY2U9ImJYUjFpbW5Rc1NyWjBHaDdBVldiWmZDam4xbU0rakgvcWUyOStSaklqU289IixkaWdlc3QtdXJpPSJ4bXBwLzAuMC4wLjAiLG5jPTAwMDAwMDAxLG5vbmNlPSI1Y0orS3lXSVV3MGllOUc5TVhPNTJzTEM3b094a0VUaE0zVG5URzNWYkJnPSIscW9wPWF1dGgscmVhbG09MC4wLjAuMCxyZXNwb25zZT05YzNlZTBhOTE5ZDcxNGM5ZDcyODUzZmY1MWMwYTRmMyx1c2VybmFtZT0=</response>
ASSERT: "size_t(i) < size_t(size())" in file ./QtCore/qbytearray.h, line 503
Aborted (core dumped)

from client side 

Wed Mar 1 15:53:09 2023 DEBUG Looking up server for domain 0.0.0.0
Wed Mar 1 15:53:09 2023 WARNING Lookup for domain _xmpp-client._tcp.0.0.0.0 failed: Non existent domain
Wed Mar 1 15:53:09 2023 INFO Connecting to 0.0.0.0:5222
Wed Mar 1 15:53:09 2023 INFO Socket connected to 127.0.0.1 5222
Wed Mar 1 15:53:09 2023 SENT <?xml version='1.0'?><stream:stream to='0.0.0.0' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
Wed Mar 1 15:53:09 2023 RECEIVED <?xml version='1.0'?><stream:stream xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" id="3e020741-b155-45a9-b843-cc7a37dd5cce" from="0.0.0.0" version="1.0" xml:lang="en"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms></stream:features>
Wed Mar 1 15:53:09 2023 INFO SASL mechanism 'DIGEST-MD5' selected
Wed Mar 1 15:53:09 2023 SENT <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5"/>
Wed Mar 1 15:53:09 2023 RECEIVED <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">YWxnb3JpdGhtPW1kNS1zZXNzLGNoYXJzZXQ9dXRmLTgsbm9uY2U9IjVjSitLeVdJVXcwaWU5RzlNWE81MnNMQzdvT3hrRVRoTTNUblRHM1ZiQmc9Iixxb3A9YXV0aCxyZWFsbT0wLjAuMC4w</challenge>
Wed Mar 1 15:53:09 2023 SENT <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Y2hhcnNldD11dGYtOCxjbm9uY2U9ImJYUjFpbW5Rc1NyWjBHaDdBVldiWmZDam4xbU0rakgvcWUyOStSaklqU289IixkaWdlc3QtdXJpPSJ4bXBwLzAuMC4wLjAiLG5jPTAwMDAwMDAxLG5vbmNlPSI1Y0orS3lXSVV3MGllOUc5TVhPNTJzTEM3b094a0VUaE0zVG5URzNWYkJnPSIscW9wPWF1dGgscmVhbG09MC4wLjAuMCxyZXNwb25zZT05YzNlZTBhOTE5ZDcxNGM5ZDcyODUzZmY1MWMwYTRmMyx1c2VybmFtZT0=</response>
Wed Mar 1 15:53:09 2023 WARNING Socket error: The remote host closed the connection
Wed Mar 1 15:53:09 2023 DEBUG Socket disconnected
EMHussain commented 1 year ago

After debugging i found issue here if the last key contain an empty value like this response=aa2c1a832623765797a78061966d80d2,username= then pos++ out bounding the QByteArray ba out bound validation should be applied here.

lnjX commented 1 year ago

Thanks for reporting and the notice about where the crash happens. :)

(issue will be closed once the fix got merged into master (when 1.5.3 is released))