Discussion:
Buffer overflow
Philippe DE ROCHAMBEAU
2013-03-19 16:31:09 UTC
Hello,

When I type a word in the Search Form Input field and press Search!, I get a buffer overflow error.

[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] *** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Backtrace: =========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52dae5]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52da7e]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d523]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d408]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x440c98]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x44d247]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4171dd]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x404566]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4b6056]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x405201]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Memory map: ========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 008e0000-008ec000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 01ee0000-01f6d000 rw-p 00000000 00:00 0 [heap]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c621000-399c622000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cf89000-399cf8d000 r--p 00189000 fd:00 318254

Configuration: mnogosearch 3.3.13 on Linux 2.6.32

Any help would be greatly appreciated.

Philippe

In order to preserve the environment, please do not print this message unless it is necessary.
Alexander Barkov
2013-03-19 17:54:13 UTC
Hi,

What exactly are your Linux distribution and version?

Does it crash on all queries, or on a certain query only?

Please try to run search.cgi from command line like this:

./search.cgi "query words"

where "query words" are the search words that make it crash.

Does it crash when started from command line?

If so, it would be nice to get a gdb backtrace.

Please do the following:

gdb search.cgi
(gdb) run "query words"
(gdb) backtrace

Thanks.
_______________________________________________
General mailing list
http://lists.mnogosearch.org/listinfo/general
Philippe DE ROCHAMBEAU
2013-03-20 08:32:33 UTC
Hi,

uname --all
Linux xxx 2.6.32-279.22.1.el6.x86_64 #1 SMP Sun Jan 13 09:21:40 EST 2013 x86_64 x86_64 x86_64 GNU/Linux

---------------

[***@xxx cgi-bin]# ./search.cgi "a"
*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-008ec000 rw-p 00000000 00:00 0
02484000-0251d000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7fc85941b000-7fc859541000 rw-p 00000000 00:00 0
7fc85994d000-7fc859a95000 rw-p 00000000 00:00 0
7fc859a95000-7fc859aa1000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859aa1000-7fc859ca1000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca1000-7fc859ca2000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca2000-7fc859ca3000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7fff73931000-7fff73946000 rw-p 00000000 00:00 0 [stack]
7fff739ff000-7fff73a00000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)


------------------

[***@xxx cgi-bin]# gdb search.cgi
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /var/www/cgi-bin/search.cgi...Missing separate debuginfo for /var/www/cgi-bin/search.cgi
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/c9/14b8eda4e31a052fb8a432cd1fc5f3e1ee56f0.debug
(no debugging symbols found)...done.
(gdb) run "a"
Starting program: /var/www/cgi-bin/search.cgi "a"
*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-00985000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7ffff776c000-7ffff7892000 rw-p 00000000 00:00 0
7ffff7c9e000-7ffff7de6000 rw-p 00000000 00:00 0
7ffff7de6000-7ffff7df2000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7df2000-7ffff7ff2000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff2000-7ffff7ff3000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff3000-7ffff7ff4000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ffe000-7ffff7fff000 r-xp 00000000 00:00 0 [vdso]
7ffffffea000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

Program received signal SIGABRT, Aborted.
0x000000000047199b in ?? ()
(gdb)

-------------------------

(gdb) backtrace
#0 0x000000000047199b in ?? ()
#1 0x00000000004be10b in ?? ()
#2 0x00000000004ca57e in ?? ()
#3 0x000000000052dae5 in ?? ()
#4 0x000000000052da7e in ?? ()
#5 0x000000000052d523 in ?? ()
#6 0x000000000052d408 in ?? ()
#7 0x0000000000440c98 in ?? ()
#8 0x000000000044d247 in ?? ()
#9 0x00000000004171dd in ?? ()
#10 0x0000000000404566 in ?? ()
#11 0x00000000004b6056 in ?? ()
#12 0x0000000000405201 in ?? ()
#13 0x00007fffffffe5d8 in ?? ()
#14 0x0000000000000000 in ?? ()
(gdb)


----------------------

[***@xxx cgi-bin]# rpm -qi mnogosearch
Name : mnogosearch Relocations: (not relocatable)
Version : 3.3.12 Vendor: (none)
Release : 01.static Build Date: Thu 15 Dec 2011 02:18:31 PM CET
Install Date: Thu 21 Feb 2013 06:08:24 PM CET Build Host: bar.myoffice.izhnet.ru
Group : Applications/Internet Source RPM: mnogosearch-3.3.12-01.static.src.rpm
Size : 16239228 License: GNU GPL Version 2
Signature : (none)
URL : http://www.mnogosearch.org/
Summary : Full-featured MySQL based web search engine.
Description :
mnoGoSearch is a full-featured MySQL based web search engine. mnoGoSearch consists of
two parts. The first part is an indexing mechanism (indexer). The indexer walks over
html hypertext references and stores found words and new references into a database.
The second part is a web CGI front-end to provide search using data collected by the
indexer.

A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.

mnoGoSearch first release took place in November 1998. The search engine was named
UDMSearch until the project was acquired by Lavtech.Com Corp. in October 2000 and
its name changed to mnoGoSearch.
[***@xxx cgi-bin]#

--------------------------------

Philippe
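
Added example, not part of the original thread: search.cgi has no debugging symbols, so the backtraces above are raw addresses only. This Python sketch parses the glibc abort report as it appears in the first post's Apache error log and maps each backtrace address to its memory-map entry and file offset; all function and type names are illustrative.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Excerpt of the Apache error_log lines quoted in the first post
# (the client address was already masked there).
P = "[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] "
SAMPLE_LOG = "\n".join(P + s for s in [
    "*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated",
    "======= Backtrace: =========",
    "[0x52dae5]", "[0x52da7e]", "[0x52d523]", "[0x52d408]", "[0x440c98]",
    "[0x44d247]", "[0x4171dd]", "[0x404566]", "[0x4b6056]", "[0x405201]",
    "======= Memory map: ========",
    "00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi",
    "00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi",
    "008e0000-008ec000 rw-p 00000000 00:00 0",
    "01ee0000-01f6d000 rw-p 00000000 00:00 0 [heap]",
    "399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so",
])

# Apache 2.2-style prefix; raw terminal output has no prefix and passes through.
APACHE_PREFIX = re.compile(r"^\[[A-Z][a-z]{2} [^\]]+\] \[error\] \[client [^\]]+\] ?")
HEADER = re.compile(r"^\*\*\* (?P<reason>.+?) \*\*\*: (?P<program>\S+) terminated$")
# A frame is "[0xADDR]", optionally preceded by "module(symbol+0xNN)".
FRAME = re.compile(r"^(?P<module>[^\[]*)\[0x(?P<addr>[0-9a-fA-F]+)\]$")
MAPPING = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+) (?P<perms>[r-][w-][x-][ps]) "
    r"(?P<offset>[0-9a-f]+) \S+ \d+\s*(?P<path>.*)$")


class Mapping(NamedTuple):
    start: int
    end: int
    perms: str
    offset: int
    path: str


class Report(NamedTuple):
    reason: Optional[str]
    program: Optional[str]
    frames: List[int]
    mappings: List[Mapping]


class Located(NamedTuple):
    addr: int
    path: Optional[str]
    perms: Optional[str]
    file_offset: Optional[int]
    executable: bool


def parse_report(text: str) -> Report:
    """Split a glibc abort report into header, backtrace frames and mappings."""
    reason = program = None
    frames: List[int] = []
    mappings: List[Mapping] = []
    section = None
    for raw in text.splitlines():
        line = APACHE_PREFIX.sub("", raw.strip(), count=1).strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            reason, program = m["reason"], m["program"]
        elif line.startswith("======= Backtrace"):
            section = "backtrace"
        elif line.startswith("======= Memory map"):
            section = "map"
        elif section == "backtrace" and (m := FRAME.match(line)):
            frames.append(int(m["addr"], 16))
        elif section == "map" and (m := MAPPING.match(line)):
            mappings.append(Mapping(int(m["start"], 16), int(m["end"], 16),
                                    m["perms"], int(m["offset"], 16), m["path"]))
    return Report(reason, program, frames, mappings)


def locate(addr: int, mappings: List[Mapping]) -> Tuple[Optional[Mapping], Optional[int]]:
    """Return the mapping containing addr and the matching offset in its file."""
    for m in mappings:
        if m.start <= addr < m.end:
            return m, addr - m.start + m.offset
    return None, None


def triage(report: Report) -> List[Located]:
    """Attribute every frame to a module; flag frames outside executable memory."""
    rows = []
    for addr in report.frames:
        m, off = locate(addr, report.mappings)
        rows.append(Located(addr, m.path if m else None, m.perms if m else None,
                            off, bool(m and "x" in m.perms)))
    return rows


if __name__ == "__main__":
    rep = parse_report(SAMPLE_LOG)
    print(f"{rep.program}: {rep.reason}")
    for r in triage(rep):
        where = f"{r.path or '[anonymous]'}+{r.file_offset:#x}" if r.perms else "unmapped"
        print(f"  {r.addr:#x} -> {where}" + ("" if r.executable else "  (not executable)"))
```

On the sample, every frame resolves to the `r-xp` mapping of search.cgi itself and none to libc-2.12.so, which is consistent with the `01.static` release shown by `rpm -qi` above.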



Alexander Barkov
2013-03-20 08:49:46 UTC
Hi Philippe,

So you're actually running mnogosearch-3.3.12
(not 3.3.13 as you reported in the first letter).


This problem should be fixed in 3.3.13.
Bug#4803 "buffer overflow detected with search.cgi" was fixed.
Please download 3.3.13 from our site and reinstall.

Greetings.
Philippe DE ROCHAMBEAU
2013-03-20 09:10:29 UTC
Hi Alexander,

The problem is that version 3.3.12 is the only one available on the Red Hat repository.

---------------------------------------

yum info mnogosearch

Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Installed Packages
Name : mnogosearch
Arch : x86_64
Version : 3.3.12
Release : 01.static
Size : 15 M
Repo : installed
Summary : Full-featured MySQL based web search engine.
URL : http://www.mnogosearch.org/
License : GNU GPL Version 2
Description : mnoGoSearch is a full-featured MySQL based web search engine. mnoGoSearch consists of
: two parts. The first part is an indexing mechanism (indexer). The indexer walks over
: html hypertext references and stores found words and new references into a database.
: The second part is a web CGI front-end to provide search using data collected by the
: indexer.
:
: A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
:
: mnoGoSearch first release took place in November 1998. The search engine was named
: UDMSearch until the project was acquired by Lavtech.Com Corp. in October 2000 and
: its name changed to mnoGoSearch.

--------------------------------------------------

Best regards,

Philippe


its name changed to mnoGoSearch.
--------------------------------
Philippe
-----Original Message-----
Sent: 19 March 2013 18:54
Subject: Re: [General] Buffer overflow
Hi,
What exactly are your Linux distribution and version?
Does it crash on all queries, or on a certain query only?
./search.cgi "query words"
where "query words" are the search words that make it crash.
Does it crash when started from command line?
If so, it would be nice to get a gdb backtrace.
gdb search.cgi
(gdb) run "query words"
(gdb) backtrace
Thanks.
Post by Philippe DE ROCHAMBEAU
Hello,
When I type a word in the Search Form Input field and press Search!, I
get a buffer overflow error.
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] *** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Backtrace: =========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52dae5]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52da7e]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d523]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d408]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x440c98]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x44d247]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4171dd]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x404566]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4b6056]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x405201]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Memory map: ========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 008e0000-008ec000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 01ee0000-01f6d000 rw-p 00000000 00:00 0 [heap]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c621000-399c622000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cf89000-399cf8d000 r--p 00189000 fd:00 318254
Configuration: mnogosearch 3.3.13 on Linux 2.6.32
Any help would be greatly appreciated.
Philippe
P In order to preserve the environment, please do not print this
message unless it is necessary.
_______________________________________________
General mailing list
http://lists.mnogosearch.org/listinfo/general
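The abort report quoted in this thread is the block glibc writes to stderr when one of its runtime buffer checks fails, which Apache then copies into error_log line by line. As an added example (not code from the thread or from mnoGoSearch; all function and variable names are illustrative), this script regroups those lines into one report and resolves each backtrace address to the mapping that contains it, using an excerpt of the log lines quoted above with the map list shortened:

```python
import re
from collections import Counter

# Apache error_log prefix as it appears in the thread (client address masked there).
PREFIX_RE = re.compile(r"^\[[^\]]+\] \[error\] \[client [^\]]+\] ")
# glibc abort banners: fortify check ("buffer overflow") or stack protector.
BANNER_RE = re.compile(
    r"\*\*\* (buffer overflow|stack smashing) detected \*\*\*: (\S+) terminated")
FRAME_RE = re.compile(r"\[0x([0-9a-f]+)\]\s*$")
MAP_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([rwxps-]{4})\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$")


def parse_reports(lines):
    """Group abort output into reports: kind, program, frames, mappings.

    Accepts both error_log lines (with prefix) and plain terminal output.
    Lines from unrelated requests between report lines are ignored.
    """
    reports, current, section = [], None, None
    for raw in lines:
        line = PREFIX_RE.sub("", raw.rstrip("\n"))
        banner = BANNER_RE.search(line)
        if banner:
            current = {"kind": banner.group(1), "program": banner.group(2),
                       "frames": [], "maps": []}
            reports.append(current)
            section = None
        elif current is None:
            continue
        elif "======= Backtrace:" in line:
            section = "frames"
        elif "======= Memory map:" in line:
            section = "maps"
        elif section == "frames" and (m := FRAME_RE.search(line)):
            current["frames"].append(int(m.group(1), 16))
        elif section == "maps" and (m := MAP_RE.match(line)):
            start, end, perms, path = m.groups()
            current["maps"].append(
                (int(start, 16), int(end, 16), perms, path or "[anon]"))
    return reports


def locate(addr, maps):
    """Return (path, perms) of the mapping that contains addr."""
    for start, end, perms, path in maps:
        if start <= addr < end:
            return path, perms
    return "[unmapped]", "----"


def frame_summary(report):
    """Count backtrace frames per (mapping path, permissions)."""
    return Counter(locate(a, report["maps"]) for a in report["frames"])


# Excerpt of the error_log lines quoted in this thread (memory map shortened).
SAMPLE_PREFIX = "[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] "
SAMPLE_LOG = [SAMPLE_PREFIX + s for s in (
    "*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated",
    "======= Backtrace: =========",
    "[0x52dae5]", "[0x52da7e]", "[0x52d523]", "[0x52d408]", "[0x440c98]",
    "[0x44d247]", "[0x4171dd]", "[0x404566]", "[0x4b6056]", "[0x405201]",
    "======= Memory map: ========",
    "00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi",
    "00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi",
    "008e0000-008ec000 rw-p 00000000 00:00 0",
    "01ee0000-01f6d000 rw-p 00000000 00:00 0 [heap]",
    "399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so",
)]

if __name__ == "__main__":
    for rep in parse_reports(SAMPLE_LOG):
        print(rep["kind"], "abort in", rep["program"])
        for (path, perms), count in frame_summary(rep).items():
            print(f"  {count:2d} frame(s) in {path} ({perms})")
```

On this excerpt all ten frames fall inside the executable mapping of search.cgi itself rather than a shared library, so symbolizing them needs debug information for that binary.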
Alexander Barkov
2013-03-20 10:27:58 UTC
Hi Philippe,
Post by Philippe DE ROCHAMBEAU
Hi Alexander,
The problem is that version 3.3.12 is the only one available on the Redhat Repository.
The info below makes me think that you're using the RPM you
previously downloaded from our site.

This RPM is a similar RPM we built for 3.3.13:

http://www.mnogosearch.org/Download/RPMS/mnogosearch-3.3.13-01.static.glibc-2.12.x86_64.rpm

I suggest downloading it and upgrading.
Post by Philippe DE ROCHAMBEAU
---------------------------------------
Yum info mnogosearch
Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Installed Packages
Name : mnogosearch
Arch : x86_64
Version : 3.3.12
Release : 01.static
Size : 15 M
Repo : installed
Summary : Full-featured MySQL based web search engine.
URL : http://www.mnogosearch.org/
License : GNU GPL Version 2
Description : mnoGoSearch is a full-featured MySQL based web search engine. mnoGoSearch consists of
: two parts. The first part is an indexing mechanism (indexer). The indexer walks over
: html hypertext references and stores found words and new references into a database.
: The second part is a web CGI front-end to provide search using data collected by the
: indexer.
: A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
: mnoGoSearch first release took place in November 1998. The search engine was named
: UDMSearch until the project was acquired by Lavtech.Com Corp. in October 2000 and
: its name changed to mnoGoSearch.
--------------------------------------------------
Best regards,
Philippe
-----Original Message-----
Sent: 20 March 2013 09:50
To: Philippe DE ROCHAMBEAU
Subject: Re: [General] Buffer overflow
Hi Philippe,
So you're actually running mnogosearch-3.3.12
(not 3.3.13 as you reported in the first letter).
This problem should be fixed in 3.3.13.
Bug#4803 "buffer overflow detected with search.cgi" was fixed.
Please download 3.3.13 from our site and reinstall.
Greetings.
Hi,
uname --all
Linux xxx 2.6.32-279.22.1.el6.x86_64 #1 SMP Sun Jan 13 09:21:40 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
---------------
*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-008ec000 rw-p 00000000 00:00 0
02484000-0251d000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7fc85941b000-7fc859541000 rw-p 00000000 00:00 0
7fc85994d000-7fc859a95000 rw-p 00000000 00:00 0
7fc859a95000-7fc859aa1000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859aa1000-7fc859ca1000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca1000-7fc859ca2000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca2000-7fc859ca3000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7fff73931000-7fff73946000 rw-p 00000000 00:00 0 [stack]
7fff739ff000-7fff73a00000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)
Philippe DE ROCHAMBEAU
2013-03-20 11:06:03 UTC
Hi Alexander,

Although version 3.1.13 is now installed

# rpm -q mnogosearch
mnogosearch-3.3.13-01.static.x86_64

I am still getting buffer overflows:

# ./search.cgi "abc"

*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-008ec000 rw-p 00000000 00:00 0
0234d000-023cf000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7fe4155d6000-7fe4156d6000 rw-p 00000000 00:00 0
7fe4156d6000-7fe4156e2000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7fe4156e2000-7fe4158e2000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fe4158e2000-7fe4158e3000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fe4158e3000-7fe4158e4000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7fe4158ed000-7fe4158ee000 rw-p 00000000 00:00 0
7fff25554000-7fff25569000 rw-p 00000000 00:00 0 [stack]
7fff255cf000-7fff255d0000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)


# gdb search.cgi
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /var/www/cgi-bin/search.cgi...Missing separate debuginfo for /var/www/cgi-bin/search.cgi
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/c9/14b8eda4e31a052fb8a432cd1fc5f3e1ee56f0.debug
(no debugging symbols found)...done.
(gdb) run "abc"
Starting program: /var/www/cgi-bin/search.cgi "abc"
*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-0096e000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7ffff7ce6000-7ffff7de6000 rw-p 00000000 00:00 0
7ffff7de6000-7ffff7df2000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7df2000-7ffff7ff2000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff2000-7ffff7ff3000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff3000-7ffff7ff4000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ffd000-7ffff7ffe000 rw-p 00000000 00:00 0
7ffff7ffe000-7ffff7fff000 r-xp 00000000 00:00 0 [vdso]
7ffffffea000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

Program received signal SIGABRT, Aborted.
0x000000000047199b in ?? ()
(gdb) backtrace
#0 0x000000000047199b in ?? ()
#1 0x00000000004be10b in ?? ()
#2 0x00000000004ca57e in ?? ()
#3 0x000000000052dae5 in ?? ()
#4 0x000000000052da7e in ?? ()
#5 0x000000000052d523 in ?? ()
#6 0x000000000052d408 in ?? ()
#7 0x0000000000440c98 in ?? ()
#8 0x000000000044d247 in ?? ()
#9 0x00000000004171dd in ?? ()
#10 0x0000000000404566 in ?? ()
#11 0x00000000004b6056 in ?? ()
#12 0x0000000000405201 in ?? ()
#13 0x00007fffffffe5d8 in ?? ()
#14 0x0000000000000000 in ?? ()
(gdb)

-----------------------------------------------------


Philippe





-----Original Message-----
From: Alexander Barkov [mailto:***@mnogosearch.org]
Sent: 20 March 2013 11:28
To: Philippe DE ROCHAMBEAU; ***@mnogosearch.org
Subject: Re: [General] Buffer overflow

Hi Philippe,
Post by Philippe DE ROCHAMBEAU
Hi Alexander,
The problem is that version 3.3.12 is the only one available on the Redhat Repository.
The info below makes me think that you're using the RPM you previously downloaded from our site.

This RPM is a similar RPM we built for 3.3.13:

http://www.mnogosearch.org/Download/RPMS/mnogosearch-3.3.13-01.static.glibc-2.12.x86_64.rpm

I suggest to download it and upgrade.
Post by Philippe DE ROCHAMBEAU
---------------------------------------
Yum info mnogosearch
Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Installed Packages
Name : mnogosearch
Arch : x86_64
Version : 3.3.12
Release : 01.static
Size : 15 M
Repo : installed
Summary : Full-featured MySQL based web search engine.
URL : http://www.mnogosearch.org/
License : GNU GPL Version 2
Description : mnoGoSearch is a full-featured MySQL based web search engine. mnoGoSearch consists of
: two parts. The first part is an indexing mechanism (indexer). The indexer walks over
: html hypertext references and stores found words and new references into a database.
: The second part is a web CGI front-end to provide search using data collected by the
: indexer.
: A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
: mnoGoSearch first release took place in November 1998. The search engine was named
: UDMSearch until the project was acquired by Lavtech.Com Corp. in October 2000 and
: its name changed to mnoGoSearch.
--------------------------------------------------
Best regards,
Philippe
-----Original Message-----
Sent: 20 March 2013 09:50
To: Philippe DE ROCHAMBEAU
Subject: Re: [General] Buffer overflow
Hi Philippe,
So you're actually running mnogosearch-3.3.12 (not 3.3.13 as you
reported in the first letter).
This problem should be fixed in 3.3.13.
Bug#4803 "buffer overflow detected with search.cgi" was fixed.
Please download 3.3.13 from our site and reinstall.
Greetings.
Hi,
uname --all
Linux xxx 2.6.32-279.22.1.el6.x86_64 #1 SMP Sun Jan 13 09:21:40 EST
2013 x86_64 x86_64 x86_64 GNU/Linux
---------------
*** buffer overflow detected ***: ./search.cgi terminated =======
Backtrace: ========= [0x52dae5] [0x52da7e] [0x52d523] [0x52d408]
[0x440c98] [0x44d247] [0x4171dd] [0x404566] [0x4b6056] [0x405201]
======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-008ec000 rw-p 00000000 00:00 0
02484000-0251d000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7fc85941b000-7fc859541000 rw-p 00000000 00:00 0
7fc85994d000-7fc859a95000 rw-p 00000000 00:00 0
7fc859a95000-7fc859aa1000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859aa1000-7fc859ca1000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca1000-7fc859ca2000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7fc859ca2000-7fc859ca3000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7fff73931000-7fff73946000 rw-p 00000000 00:00 0 [stack]
7fff739ff000-7fff73a00000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)
------------------
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6) Copyright (C)
2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /var/www/cgi-bin/search.cgi...Missing separate
debuginfo for /var/www/cgi-bin/search.cgi
Try: yum --disablerepo='*' --enablerepo='*-debug*' install
/usr/lib/debug/.build-id/c9/14b8eda4e31a052fb8a432cd1fc5f3e1ee56f0.de
bug
(no debugging symbols found)...done.
(gdb) run "a"
Starting program: /var/www/cgi-bin/search.cgi "a"
*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi
terminated ======= Backtrace: ========= [0x52dae5] [0x52da7e]
[0x52d523] [0x52d408] [0x440c98] [0x44d247] [0x4171dd] [0x404566]
[0x4b6056] [0x405201] ======= Memory map: ========
00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
008e0000-00985000 rw-p 00000000 00:00 0 [heap]
399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
399c621000-399c622000 rw-p 00000000 00:00 0
399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf89000-399cf8d000 r--p 00189000 fd:00 318254 /lib64/libc-2.12.so
399cf8d000-399cf8e000 rw-p 0018d000 fd:00 318254 /lib64/libc-2.12.so
399cf8e000-399cf93000 rw-p 00000000 00:00 0
7ffff776c000-7ffff7892000 rw-p 00000000 00:00 0
7ffff7c9e000-7ffff7de6000 rw-p 00000000 00:00 0
7ffff7de6000-7ffff7df2000 r-xp 00000000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7df2000-7ffff7ff2000 ---p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff2000-7ffff7ff3000 r--p 0000c000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ff3000-7ffff7ff4000 rw-p 0000d000 fd:00 318269 /lib64/libnss_files-2.12.so
7ffff7ffe000-7ffff7fff000 r-xp 00000000 00:00 0 [vdso]
7ffffffea000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Program received signal SIGABRT, Aborted.
0x000000000047199b in ?? ()
(gdb)
-------------------------
(gdb) backtrace
#0 0x000000000047199b in ?? ()
#1 0x00000000004be10b in ?? ()
#2 0x00000000004ca57e in ?? ()
#3 0x000000000052dae5 in ?? ()
#4 0x000000000052da7e in ?? ()
#5 0x000000000052d523 in ?? ()
#6 0x000000000052d408 in ?? ()
#7 0x0000000000440c98 in ?? ()
#8 0x000000000044d247 in ?? ()
#9 0x00000000004171dd in ?? ()
#10 0x0000000000404566 in ?? ()
#11 0x00000000004b6056 in ?? ()
#12 0x0000000000405201 in ?? ()
#13 0x00007fffffffe5d8 in ?? ()
#14 0x0000000000000000 in ?? ()
(gdb)
----------------------
Name : mnogosearch Relocations: (not relocatable)
Version : 3.3.12 Vendor: (none)
Release : 01.static Build Date: Thu 15 Dec 2011 02:18:31 PM CET
Install Date: Thu 21 Feb 2013 06:08:24 PM CET Build Host: bar.myoffice.izhnet.ru
Group : Applications/Internet Source RPM: mnogosearch-3.3.12-01.static.src.rpm
Size : 16239228 License: GNU GPL Version 2
Signature : (none)
URL : http://www.mnogosearch.org/
Summary : Full-featured MySQL based web search engine.
mnoGoSearch is a full-featured MySQL based web search engine.
mnoGoSearch consists of two parts. The first part is an indexing
mechanism (indexer). The indexer walks over html hypertext references and stores found words and new references into a database.
The second part is a web CGI front-end to provide search using data
collected by the indexer.
A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
mnoGoSearch first release took place in November 1998. The search
engine was named UDMSearch until the project was acquired by
Lavtech.Com Corp. in October 2000 and its name changed to mnoGoSearch.
--------------------------------
Philippe
-----Original Message-----
Barkov
Sent: 19 March 2013 18:54
Subject: Re: [General] Buffer overflow
Hi,
What are exactly your Linux distribution and version?
Does it crash on all queries, or on a certain query only?
./search.cgi "query words"
where "query words" are the search words that make it crash.
Does it crash when started from command line?
If so, it would be nice to get a gdb backtrace.
gdb search cgi
(gdb) run "query words"
(gdb) backtrace
Thanks.
Post by Philippe DE ROCHAMBEAU
Hello,
When I type a word in the Search Form Input field and press Search!,
I get a buffer overflow error.
Configuration: mnogosearch 3.3.13 on Linux 2.6.32
Any help would be greatly appreciated.
Philippe
Alexander Barkov
2013-03-20 11:17:08 UTC
Permalink
Hi,
Post by Philippe DE ROCHAMBEAU
Hi Alexander,
Although version 3.1.13 is now installed
# rpm -q mnogosearch
mnogosearch-3.3.13-01.static.x86_64
# ./search.cgi "abc"
Can you please send me your indexer.conf and search.htm files?
Thanks.


Also, can you please compile and run a debug binary, as follows:


1. Download the sources from here:

http://www.mnogosearch.org/Download/mnogosearch-3.3.13.tar.gz

2. Compile and install

tar -zxf mnogosearch-3.3.13.tar.gz
cd mnogosearch-3.3.13
./configure --with-debug --with-mysql --prefix=/tmp/mnogosearch-3.3.13
make
make install

3. Copy search.htm:

cp /etc/mnogosearch/search.htm /tmp/mnogosearch-3.3.13/etc/

4. Run search.cgi in gdb and get backtrace:

cd /tmp/mnogosearch-3.3.13/bin/
gdb search.cgi
(gdb) r abc
(gdb) backtrace


Thanks.
Post by Philippe DE ROCHAMBEAU
*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
Aborted (core dumped)
# gdb search.cgi
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /var/www/cgi-bin/search.cgi...Missing separate debuginfo for /var/www/cgi-bin/search.cgi
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/c9/14b8eda4e31a052fb8a432cd1fc5f3e1ee56f0.debug
(no debugging symbols found)...done.
(gdb) run "abc"
Starting program: /var/www/cgi-bin/search.cgi "abc"
*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
Program received signal SIGABRT, Aborted.
0x000000000047199b in ?? ()
(gdb) backtrace
#0 0x000000000047199b in ?? ()
#1 0x00000000004be10b in ?? ()
#2 0x00000000004ca57e in ?? ()
#3 0x000000000052dae5 in ?? ()
#4 0x000000000052da7e in ?? ()
#5 0x000000000052d523 in ?? ()
#6 0x000000000052d408 in ?? ()
#7 0x0000000000440c98 in ?? ()
#8 0x000000000044d247 in ?? ()
#9 0x00000000004171dd in ?? ()
#10 0x0000000000404566 in ?? ()
#11 0x00000000004b6056 in ?? ()
#12 0x0000000000405201 in ?? ()
#13 0x00007fffffffe5d8 in ?? ()
#14 0x0000000000000000 in ?? ()
(gdb)
-----------------------------------------------------
Philippe
-----Original Message-----
Sent: 20 March 2013 11:28
Subject: Re: [General] Buffer overflow
Hi Philippe,
Post by Philippe DE ROCHAMBEAU
Hi Alexander,
The problem is that version 3.3.12 is the only one available on the Redhat Repository.
The info below makes me think that you're using the RPM you previously downloaded from our site.
http://www.mnogosearch.org/Download/RPMS/mnogosearch-3.3.13-01.static.glibc-2.12.x86_64.rpm
I suggest to download it and upgrade.
Post by Philippe DE ROCHAMBEAU
---------------------------------------
Yum info mnogosearch
Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Installed Packages
Name : mnogosearch
Arch : x86_64
Version : 3.3.12
Release : 01.static
Size : 15 M
Repo : installed
Summary : Full-featured MySQL based web search engine.
URL : http://www.mnogosearch.org/
License : GNU GPL Version 2
Description : mnoGoSearch is a full-featured MySQL based web search engine. mnoGoSearch consists of
: two parts. The first part is an indexing mechanism (indexer). The indexer walks over
: html hypertext references and stores found words and new references into a database.
: The second part is a web CGI front-end to provide search using data collected by the
: indexer.
: A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
: mnoGoSearch first release took place in November 1998. The search engine was named
: UDMSearch until the project was acquired by Lavtech.Com Corp. in October 2000 and
: its name changed to mnoGoSearch.
--------------------------------------------------
Best regards,
Philippe
-----Original Message-----
Sent: 20 March 2013 09:50
To: Philippe DE ROCHAMBEAU
Subject: Re: [General] Buffer overflow
Hi Philippe,
So you're actually running mnogosearch-3.3.12 (not 3.3.13 as you
reported in the first letter).
This problem should be fixed in 3.3.13.
Bug#4803 "buffer overflow detected with search.cgi" was fixed.
Please download 3.3.13 from our site and reinstall.
Greetings.
Hi,
uname --all
Linux xxx 2.6.32-279.22.1.el6.x86_64 #1 SMP Sun Jan 13 09:21:40 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
---------------
*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
Aborted (core dumped)
------------------
GNU gdb (GDB) Red Hat Enterprise Linux (7.2-56.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /var/www/cgi-bin/search.cgi...Missing separate debuginfo for /var/www/cgi-bin/search.cgi
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/c9/14b8eda4e31a052fb8a432cd1fc5f3e1ee56f0.debug
(no debugging symbols found)...done.
(gdb) run "a"
Starting program: /var/www/cgi-bin/search.cgi "a"
*** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
Program received signal SIGABRT, Aborted.
0x000000000047199b in ?? ()
(gdb)
-------------------------
(gdb) backtrace
#0 0x000000000047199b in ?? ()
#1 0x00000000004be10b in ?? ()
#2 0x00000000004ca57e in ?? ()
#3 0x000000000052dae5 in ?? ()
#4 0x000000000052da7e in ?? ()
#5 0x000000000052d523 in ?? ()
#6 0x000000000052d408 in ?? ()
#7 0x0000000000440c98 in ?? ()
#8 0x000000000044d247 in ?? ()
#9 0x00000000004171dd in ?? ()
#10 0x0000000000404566 in ?? ()
#11 0x00000000004b6056 in ?? ()
#12 0x0000000000405201 in ?? ()
#13 0x00007fffffffe5d8 in ?? ()
#14 0x0000000000000000 in ?? ()
(gdb)
----------------------
Name : mnogosearch Relocations: (not relocatable)
Version : 3.3.12 Vendor: (none)
Release : 01.static Build Date: Thu 15 Dec 2011 02:18:31 PM CET
Install Date: Thu 21 Feb 2013 06:08:24 PM CET Build Host: bar.myoffice.izhnet.ru
Group : Applications/Internet Source RPM: mnogosearch-3.3.12-01.static.src.rpm
Size : 16239228 License: GNU GPL Version 2
Signature : (none)
URL : http://www.mnogosearch.org/
Summary : Full-featured MySQL based web search engine.
mnoGoSearch is a full-featured MySQL based web search engine.
mnoGoSearch consists of two parts. The first part is an indexing
mechanism (indexer). The indexer walks over html hypertext references and stores found words and new references into a database.
The second part is a web CGI front-end to provide search using data
collected by the indexer.
A PHP and a Perl front-ends are also available from our site http://www.mnogosearch.org/.
mnoGoSearch first release took place in November 1998. The search
engine was named UDMSearch until the project was acquired by
Lavtech.Com Corp. in October 2000 and its name changed to mnoGoSearch.
--------------------------------
Philippe
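Added example (not part of the thread and not mnoGoSearch code): a shell check for the situation visible in the output quoted above, where `rpm -q` reports 3.3.13 but the abort report still carries the same frame addresses as the 3.3.12 run. The function names, verdict strings and file names are assumptions made for illustration; the two sample reports are constructed from the addresses quoted in the thread.

```shell
#!/bin/sh
# Added example. For a statically linked executable mapped at a fixed base,
# identical frame addresses before and after an "upgrade" suggest the old
# file is still the one being executed.

# Print the frame addresses of a glibc "*** buffer overflow detected ***"
# report read on stdin, one per line. Only the Backtrace section is read;
# both the one-per-line and the re-wrapped mail layout are handled.
bt_addresses() {
    awk '{
        line = $0
        if (!in_bt) {
            i = index(line, "Backtrace:")
            if (i == 0) next
            in_bt = 1
            line = substr(line, i)
        }
        j = index(line, "Memory map:")
        if (j > 0) { line = substr(line, 1, j - 1); in_bt = 0 }
        while (match(line, /\[0x[0-9a-fA-F]+\]/)) {
            print substr(line, RSTART + 1, RLENGTH - 2)
            line = substr(line, RSTART + RLENGTH)
        }
    }'
}

# Succeed when two report files carry the same ordered, non-empty frame list.
same_crash_site() {
    frames_a=$(bt_addresses < "$1")
    frames_b=$(bt_addresses < "$2")
    [ -n "$frames_a" ] && [ "$frames_a" = "$frames_b" ]
}

# Compare the file the web server executes with the file the package or a
# fresh build installed. Prints: match | stale | missing
deployed_status() {
    if [ ! -f "$1" ] || [ ! -f "$2" ]; then
        echo missing
    elif cmp -s "$1" "$2"; then
        echo match
    else
        echo stale
    fi
}

# triage VERSION_BEFORE VERSION_AFTER REPORT_BEFORE REPORT_AFTER
triage() {
    if ! same_crash_site "$3" "$4"; then
        echo different-crash
    elif [ "$1" != "$2" ]; then
        echo same-binary-still-running
    else
        echo same-version-same-crash
    fi
}

# Constructed sample reports: addresses as quoted in the thread, memory map
# cut to one line, first file in the re-wrapped layout.
write_samples() {
    cat > "$1/before.txt" <<'EOF'
*** buffer overflow detected ***: ./search.cgi terminated =======
Backtrace: ========= [0x52dae5] [0x52da7e] [0x52d523] [0x52d408]
[0x440c98] [0x44d247] [0x4171dd] [0x404566] [0x4b6056] [0x405201]
======= Memory map: ========
02484000-0251d000 rw-p 00000000 00:00 0 [heap]
EOF
    cat > "$1/after.txt" <<'EOF'
*** buffer overflow detected ***: ./search.cgi terminated
======= Backtrace: =========
[0x52dae5]
[0x52da7e]
[0x52d523]
[0x52d408]
[0x440c98]
[0x44d247]
[0x4171dd]
[0x404566]
[0x4b6056]
[0x405201]
======= Memory map: ========
0234d000-023cf000 rw-p 00000000 00:00 0 [heap]
EOF
}

demo() {
    demo_dir=$(mktemp -d) || return 1
    write_samples "$demo_dir"
    triage 3.3.12 3.3.13 "$demo_dir/before.txt" "$demo_dir/after.txt"
    rm -rf "$demo_dir"
}
demo
```

On the real host, `deployed_status /var/www/cgi-bin/search.cgi <packaged search.cgi>` gives the file-level answer, where the second path is a placeholder for wherever the package put the binary (`rpm -ql mnogosearch` lists the packaged files).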
Alexander Barkov
2013-03-20 16:02:03 UTC
Permalink
The problem is solved.

search.cgi was not copied to /var/www/cgi-bin after reinstalling the RPM.
If so, it would be nice to get a gdb backtrace.
gdb search.cgi
(gdb) run "query words"
(gdb) backtrace
Thanks.
Post by Philippe DE ROCHAMBEAU
Hello,
When I type a word in the Search Form Input field and press Search!, I get a buffer overflow error.
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] *** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Backtrace: =========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52dae5]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52da7e]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d523]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52d408]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x440c98]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x44d247]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4171dd]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x404566]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x4b6056]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x405201]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Memory map: ========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00885000-008e0000 rw-p 00285000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 008e0000-008ec000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 01ee0000-01f6d000 rw-p 00000000 00:00 0 [heap]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c400000-399c420000 r-xp 00000000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c420000-399c61f000 ---p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c61f000-399c620000 r--p 0001f000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c620000-399c621000 rw-p 00020000 fd:00 318247 /lib64/ld-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399c621000-399c622000 rw-p 00000000 00:00 0
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cd89000-399cf89000 ---p 00189000 fd:00 318254 /lib64/libc-2.12.so
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cf89000-399cf8d000 r--p 00189000 fd:00 318254
Configuration: mnogosearch 3.3.13 on Linux 2.6.32
Any help would be greatly appreciated.
Philippe
In order to preserve the environment, please do not print this message unless it is necessary.
_______________________________________________
General mailing list
http://lists.mnogosearch.org/listinfo/general
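A triage helper for the abort report quoted in this thread, added here as an example and not part of any message or of mnoGoSearch: it strips the Apache error_log prefix, collects the backtrace frames and the memory map, and resolves each frame to the mapped file and the offset within that file. The sample log is a constructed excerpt in the thread's format, and the function names are illustrative.

```python
import re

# Constructed excerpt, in the same shape as the error_log lines quoted in this thread.
SAMPLE_LOG = """\
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] *** buffer overflow detected ***: /var/www/cgi-bin/search.cgi terminated
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Backtrace: =========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x52dae5]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] [0x440c98]
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] ======= Memory map: ========
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 00400000-00685000 r-xp 00000000 fd:00 334904 /var/www/cgi-bin/search.cgi
[Tue Mar 19 17:24:45 2013] [error] [client xxx.xxx.xxx.xxx] 399cc00000-399cd89000 r-xp 00000000 fd:00 318254 /lib64/libc-2.12.so
"""

PREFIX = re.compile(r"^\[[^\]]*\] \[error\] \[client [^\]]*\] ")   # Apache 2.2 error_log prefix
FRAME = re.compile(r"\[0x([0-9a-f]+)\]\s*$")                        # "[0x52dae5]" or "lib(sym+off)[0x...]"
MAP = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) ([0-9a-f]+) \S+ \d+\s*(.*)$")

def parse_abort_report(log_text):
    """Return (program, frames, mappings) from a glibc abort report in an error log."""
    program, frames, mappings, section = None, [], [], None
    for raw in log_text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if line.startswith("*** "):
            m = re.search(r"\*\*\*: (\S+) terminated", line)
            program = m.group(1) if m else None
        elif "Backtrace:" in line:
            section = "bt"
        elif "Memory map:" in line:
            section = "map"
        elif section == "bt" and (m := FRAME.search(line)):
            frames.append(int(m.group(1), 16))
        elif section == "map" and (m := MAP.match(line)):
            start, end, perms, off, path = m.groups()
            mappings.append((int(start, 16), int(end, 16), perms, int(off, 16), path))
    return program, frames, mappings

def locate(frames, mappings):
    """Map each frame to (address, path, file_offset); path is None if unmapped."""
    out = []
    for addr in frames:
        hit = next((m for m in mappings if m[0] <= addr < m[1]), None)
        out.append((addr, hit[4], addr - hit[0] + hit[3]) if hit else (addr, None, None))
    return out
```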