Index: src/router/proftpd/contrib/mod_sftp/msg.c
===================================================================
--- src/router/proftpd/contrib/mod_sftp/msg.c	(revision 14677)
+++ src/router/proftpd/contrib/mod_sftp/msg.c	(revision 17876)
@@ -1,5 +1,5 @@
 /*
  * ProFTPD - mod_sftp message format
- * Copyright (c) 2008-2009 TJ Saunders
+ * Copyright (c) 2008-2011 TJ Saunders
  *
  * This program is free software; you can redistribute it and/or modify
@@ -15,5 +15,5 @@
  * You should have received a copy of the GNU General Public License
  * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
+ * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
  *
  * As a special exemption, TJ Saunders and other respective copyright holders
@@ -22,5 +22,5 @@
  * source distribution.
  *
- * $Id: msg.c,v 1.2 2009/02/13 23:41:19 castaglia Exp $
+ * $Id: msg.c,v 1.7 2011/05/23 21:03:12 castaglia Exp $
  */
 
@@ -31,4 +31,8 @@
 #include "disconnect.h"
 
+#ifdef HAVE_EXECINFO_H
+# include <execinfo.h>
+#endif
+
 /* The scratch buffer used by getbuf() is a constant 8KB.  If the caller
  * requests a larger size than that, the request is fulfilled using the
@@ -37,4 +41,38 @@
 static char msg_buf[8 * 1024];
 
+static void log_stacktrace(void) {
+#if defined(HAVE_EXECINFO_H) && \
+    defined(HAVE_BACKTRACE) && \
+    defined(HAVE_BACKTRACE_SYMBOLS)
+  void *trace[PR_TUNABLE_CALLER_DEPTH];
+  char **strings;
+  size_t tracesz;
+
+  (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+    "-----BEGIN STACK TRACE-----");
+
+  tracesz = backtrace(trace, PR_TUNABLE_CALLER_DEPTH);
+  strings = backtrace_symbols(trace, tracesz);
+  if (strings != NULL) {
+    register unsigned int i;
+
+    for (i = 1; i < tracesz; i++) {
+      (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+        "[%u] %s", i-1, strings[i]);
+    }
+
+    /* Prevent memory leaks. */
+    free(strings);
+
+  } else {
+    (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+      "error obtaining stacktrace symbols: %s", strerror(errno));
+  }
+ 
+  (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
+    "-----END STACK TRACE-----");
+#endif
+}
+
 char *sftp_msg_getbuf(pool *p, size_t sz) {
   if (sz <= sizeof(msg_buf)) {
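Review bot: log_stacktrace() runs on every message-format error path (the later hunks add `log_stacktrace();` ahead of each `SFTP_DISCONNECT_CONN` in the read and write helpers), and the read-side failures are decided by lengths taken from the incoming message. A peer sending malformed packets therefore now costs a `backtrace_symbols()` allocation and a trace of up to PR_TUNABLE_CALLER_DEPTH frames in the log per failure. Consider emitting the trace only when a debug or trace setting is enabled, so the existing one-line format error stays the default record. Separately, `backtrace()` returns `int` and `backtrace_symbols()` takes `int`, so declaring `tracesz` and `i` as `int` (printing with `%d`) avoids the size_t/unsigned mix. A short comment that the loop starts at 1 to skip log_stacktrace's own frame would also help.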
@@ -46,5 +84,5 @@
 
 char sftp_msg_read_byte(pool *p, char **buf, uint32_t *buflen) {
-  char byte;
+  char byte = 0;
 
   (void) p;
@@ -54,4 +92,5 @@
       "message format error: unable to read byte (buflen = %lu)",
       (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -65,5 +104,5 @@
 
 int sftp_msg_read_bool(pool *p, char **buf, uint32_t *buflen) {
-  char bool;
+  char bool = 0;
 
   (void) p;
@@ -78,10 +117,11 @@
 char *sftp_msg_read_data(pool *p, char **buf, uint32_t *buflen,
     size_t datalen) {
-  char *data;
+  char *data = NULL;
 
   if (*buflen < datalen) {
     (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-      "message format error: unable to read %u bytes of raw data "
-      "(buflen = %lu)", (unsigned int) datalen, (unsigned long) *buflen);
+      "message format error: unable to read %lu bytes of raw data "
+      "(buflen = %lu)", (unsigned long) datalen, (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
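Review bot: The `= NULL` initialiser added here, like the `= 0` initialisers in the other hunks of this file, suggests the compiler cannot tell that `SFTP_DISCONNECT_CONN` ends the session, and nothing visible in this hunk shows whether it returns. If it does not return, say so next to the guard, e.g. `/* SFTP_DISCONNECT_CONN() does not return; nothing is read past buflen. */`, because the `*buflen < datalen` check is the only visible thing keeping the read that presumably follows inside the buffer. If it can return, the guard needs an explicit `return NULL;` after the macro. The body of sftp_msg_read_data continues past the end of this hunk.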
@@ -97,5 +137,5 @@
 
 uint32_t sftp_msg_read_int(pool *p, char **buf, uint32_t *buflen) {
-  uint32_t val;
+  uint32_t val = 0;
 
   (void) p;
@@ -105,4 +145,5 @@
       "message format error: unable to read int (buflen = %lu)",
       (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -119,5 +160,5 @@
   BIGNUM *mpint = NULL;
   const unsigned char *data = NULL;
-  uint32_t datalen;
+  uint32_t datalen = 0;
 
   datalen = sftp_msg_read_int(p, buf, buflen);
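Review bot: The added `= 0` on `datalen` is a dead store, since the very next statement assigns it from `sftp_msg_read_int()`; the same pattern appears for `len` in sftp_msg_read_string and sftp_msg_write_string. Either leave the declaration as it was or fold the two into `uint32_t datalen = sftp_msg_read_int(p, buf, buflen);`, so the initialiser carries meaning. The function's signature and the rest of its body lie outside this hunk.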
@@ -127,4 +168,5 @@
       "message format error: unable to read %lu bytes of mpint (buflen = %lu)",
       (unsigned long) datalen, (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -134,4 +176,5 @@
       "message format error: unable to handle mpint of %lu bytes",
       (unsigned long) datalen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -142,4 +185,5 @@
       "message format error: unable to read %lu bytes of mpint data",
       (unsigned long) datalen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -148,4 +192,5 @@
     (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
       "message format error: negative mpint numbers not supported");
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -156,4 +201,5 @@
       "message format error: unable to convert binary mpint: %s",
       sftp_crypto_get_errors());
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -163,6 +209,6 @@
 
 char *sftp_msg_read_string(pool *p, char **buf, uint32_t *buflen) {
-  uint32_t len;
-  char *str;
+  uint32_t len = 0;
+  char *str = NULL;
 
   len = sftp_msg_read_int(p, buf, buflen);
@@ -177,4 +223,5 @@
       "message format error: unable to read %lu bytes of string data "
       "(buflen = %lu)", (unsigned long) len, (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -195,4 +242,5 @@
       "message format error: unable to write byte (buflen = %lu)",
       (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -215,6 +263,7 @@
   if (*buflen < datalen) {
     (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-      "message format error: unable to write %u bytes of raw data "
-      "(buflen = %lu)", (unsigned int) datalen, (unsigned long) *buflen);
+      "message format error: unable to write %lu bytes of raw data "
+      "(buflen = %lu)", (unsigned long) datalen, (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -232,4 +281,5 @@
       "message format error: unable to write int (buflen = %lu)",
       (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -243,7 +293,7 @@
 void sftp_msg_write_mpint(char **buf, uint32_t *buflen,
     const BIGNUM *mpint) {
-  unsigned char *data;
-  size_t datalen;
-  int res;
+  unsigned char *data = NULL;
+  size_t datalen = 0;
+  int res = 0;
 
   if (BN_is_zero(mpint)) {
@@ -256,4 +306,5 @@
       "message format error: unable to write mpint (negative numbers not "
       "supported)");
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -263,6 +314,7 @@
   if (*buflen < datalen) {
     (void) pr_log_writefile(sftp_logfd, MOD_SFTP_VERSION,
-      "message format error: unable to write %u bytes of mpint (buflen = %lu)",
-      (unsigned int) datalen, (unsigned long) *buflen);
+      "message format error: unable to write %lu bytes of mpint (buflen = %lu)",
+      (unsigned long) datalen, (unsigned long) *buflen);
+    log_stacktrace();
     SFTP_DISCONNECT_CONN(SFTP_SSH2_DISCONNECT_BY_APPLICATION, NULL);
   }
@@ -300,5 +352,5 @@
 
 void sftp_msg_write_string(char **buf, uint32_t *buflen, const char *str) {
-  uint32_t len;
+  uint32_t len = 0;
 
   len = strlen(str);
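Review bot: `len = strlen(str);` narrows a `size_t` to `uint32_t`, so on a 64-bit build a string of 4 GiB or more would have its length prefix wrap; the commit widens the `datalen` format casts elsewhere but leaves this conversion unchecked. A guard such as `size_t slen = strlen(str); if (slen > UINT32_MAX) { /* log and disconnect as the other helpers do */ }` before the assignment would make the limit explicit. Whether any caller can pass such a string is not visible here, and the rest of the function is outside the hunk.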
