Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MQTT] Packet flooding causes SIGSEGV #63

Closed
nokute78 opened this issue Apr 5, 2016 · 1 comment · Fixed by #64
Closed

[MQTT] Packet flooding causes SIGSEGV #63

nokute78 opened this issue Apr 5, 2016 · 1 comment · Fixed by #64

Comments

@nokute78
Copy link
Collaborator

nokute78 commented Apr 5, 2016

SIGSEGV is occured with this PoC.

PoC(shell script)

while :; do mosquitto_pub -m '{"key":"aaa"}' -t some/topic & done

Backtrace

pi@raspberrypi /tmp/fluent-bit/build $ gdb bin/fluent-bit
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /tmp/fluent-bit/build/bin/fluent-bit...done.
(gdb) run -i mqtt -o stdout
Starting program: /tmp/fluent-bit/build/bin/fluent-bit -i mqtt -o stdout
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".
Fluent-Bit v0.8.0
Copyright (C) Treasure Data

[2016/04/05 12:58:47] [ info] starting engine
[2016/04/05 12:58:47] [ info] MQTT Listen='0.0.0.0' TCP_Port=1883
[2016/04/05 12:58:47] [ info] [mqtt] binding 0.0.0.0:1883
[2016/04/05 12:58:52] [ warn] No input data
[2016/04/05 12:58:57] [ warn] No input data
[2016/04/05 12:59:02] [ warn] No input data
[2016/04/05 12:59:07] [ warn] No input data
[2016/04/05 12:59:12] [ warn] No input data
[2016/04/05 12:59:17] [ warn] No input data
[2016/04/05 12:59:22] [ warn] No input data

Program received signal SIGSEGV, Segmentation fault.
0x000a8ef0 in mk_event_add (loop=0x706f742f, fd=239, type=3, mask=1, data=0x1f7de8)
    at /tmp/fluent-bit/lib/monkey/mk_core/mk_event.c:88
88          ctx = loop->data;
(gdb) bt
#0  0x000a8ef0 in mk_event_add (loop=0x706f742f, fd=239, type=3, mask=1, data=0x1f7de8)
    at /tmp/fluent-bit/lib/monkey/mk_core/mk_event.c:88
#1  0x00026b38 in mqtt_conn_add (fd=239, ctx=0xd4690) at /tmp/fluent-bit/plugins/in_mqtt/mqtt_conn.c:103
#2  0x00026848 in in_mqtt_collect (config=0xd1008, in_context=0xd4690) at /tmp/fluent-bit/plugins/in_mqtt/mqtt.c:102
#3  0x0001b478 in flb_engine_handle_event (config=0xd1008, mask=1, fd=9) at /tmp/fluent-bit/src/flb_engine.c:223
#4  flb_engine_start (config=0xd1008) at /tmp/fluent-bit/src/flb_engine.c:358
#5  0x00017110 in main (argc=5, argv=0x7efff7f4) at /tmp/fluent-bit/src/fluent-bit.c:314
(gdb)

Here, 'loop' is broken by received data.
loop=0x706f742f and '0x706f742f' is 'pot/' in ASCII.
'pot/' comes from the argument of mosquitto_pub, some'/top'ic

$ mosquitto_pub -m '{"key":"aaa"}' -t some/topic
nokute78 added a commit to nokute78/fluent-bit that referenced this issue Apr 5, 2016
@nokute78
in_mqtt: drop data when buffer is full (fluent#63)
8693300 
Signed-off-by: nokute78 <nokute78@gmail.com>
@nokute78 nokute78 mentioned this issue Apr 5, 2016
Merged
edsiper added a commit that referenced this issue Apr 12, 2016
@edsiper
Merge pull request #64 from nokute78/fix_leak
821c041 
in_mqtt: drop data when buffer is full (#63)
@edsiper
Copy link
Member

edsiper commented Apr 12, 2016

thanks for catching this!

fujimotos pushed a commit to fujimotos/fluent-bit that referenced this issue Jul 22, 2019
@michiel @edsiper
filter: Add documentation for filter_modify (fluent#63)
f589ced 
This adds configuration, documentation and example usage
for the filter_modify plugin.

Signed-off-by: Michiel Kalkman <mkalkman@shelde.com>
@davidcharbonnier davidcharbonnier mentioned this issue May 10, 2021
Closed
@leonardo-albertovich leonardo-albertovich mentioned this issue Feb 3, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

in_mqtt: drop data when buffer is full (#63) nokute78/fluent-bit
2 participants
@edsiper @nokute78