View Issue Details

IDProjectCategoryView StatusLast Update
0001027bareos-coredirectorpublic2023-09-12 16:32
Reportergnif Assigned Tobruno-at-bareos  
PriorityurgentSeveritymajorReproducibilityalways
Status closedResolutionfixed 
PlatformLinuxOSDebianOS Version9
Product Version18.4.1 
Summary0001027: 32bit integer overflow in sql LIMIT clause
DescriptionRunning backups on the director is producing the following errors, it is clearly a 32-bit integer overflow as the limit has become negative. I believe the issue is in SetQueryRange as it doesn't support parsing or using 64 bit integers.

https://github.com/bareos/bareos/blob/1c5bf440cdc8fe949ba58357d16588474cd6ccb8/core/src/dird/ua_output.cc#L497
Additional Information09-Nov 21:00 bareos-dir JobId 0: Fatal error: cats/sql_list.cc:566 cats/sql_list.cc:566 query SELECT DISTINCT Job.JobId, Job.Job, Job.Name, Job.PurgedFiles, Job.Type, Job.Level, Job.ClientId, Client.Name as Client, Job.JobStatus, Job.SchedTime, Job.StartTime, Job.EndTime, Job.RealEndTime, Job.JobTDate, Job.VolSessionId, Job.VolSessionTime, Job.JobFiles, Job.JobBytes, Job.JobErrors, Job.JobMissingFiles, Job.PoolId, Pool.Name as PoolName, Job.PriorJobId, Job.FileSetId, FileSet.FileSet FROM Job LEFT JOIN Client ON Client.ClientId=Job.ClientId LEFT JOIN Pool ON Pool.PoolId=Job.PoolId LEFT JOIN JobMedia ON JobMedia.JobId=Job.JobId LEFT JOIN Media ON JobMedia.MediaId=Media.MediaId LEFT JOIN FileSet ON FileSet.FileSetId=Job.FileSetId WHERE Job.JobId > 0 AND Job.JobStatus = 'S' AND Job.SchedTime > '2018-11-08 21:00:21' ORDER BY StartTime LIMIT 1000 OFFSET -2018192296; failed:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-2018192296' at line 1
TagsNo tags attached.

Activities

joergs

joergs

2019-11-11 19:33

developer   ~0003623

When does this error occur? How have you triggered this SQL query?
gnif

gnif

2019-11-11 22:57

reporter   ~0003625

Simply by allowing BareOS to run backups across multiple servers for several months. There are clearly over 2,147,483,647 records in the result set.
joergs

joergs

2019-11-12 15:26

developer   ~0003628

I meant, what single action trigger this error.

I found out, that this sql query is triggered by the bconsole "llist jobs" command, but only when used with the "offset" parameter.

I don't assume, you execute a "llist jobs ... offset=..." manually?

Are you using the Bareos WebUI? The WebUI uses "llist jobs" to retrieve information and can also use limit and offset. Is the error triggered by same actions there?

Or are you using something else like CopyJob the selects jobs by such a query?

Anyhow, this problem should only occur when your last jobid comes close to 2,147,483,647. Is this the case?
joergs

joergs

2019-11-12 15:30

developer   ~0003629

Manually calling the bconsole command

llist jobs limit=1000 offset=2147483648

results in a query with wrong offset:

cats/sql_query.cc:131-0 called: bool BareosDb::SqlQuery(const char*, int) with query SELECT DISTINCT Job.JobId, Job.Job, Job.Name, Job.PurgedFiles, Job.Type, Job.Level, Job.ClientId, Client.Name as Client, Job.JobStatus, Job.SchedTime, Job.StartTime, Job.EndTime, Job.RealEndTime, Job.JobTDate, Job.VolSessionId, Job.VolSessionTime, Job.JobFiles, Job.JobBytes, Job.JobErrors, Job.JobMissingFiles, Job.PoolId, Pool.Name as PoolName, Job.PriorJobId, Job.FileSetId, FileSet.FileSet FROM Job LEFT JOIN Client ON Client.ClientId=Job.ClientId LEFT JOIN Pool ON Pool.PoolId=Job.PoolId LEFT JOIN JobMedia ON JobMedia.JobId=Job.JobId LEFT JOIN Media ON JobMedia.MediaId=Media.MediaId LEFT JOIN FileSet ON FileSet.FileSetId=Job.FileSetId WHERE Job.JobId > 0 ORDER BY StartTime LIMIT 1000 OFFSET -2147483648;
bruno-at-bareos

bruno-at-bareos

2023-07-19 10:34

manager   ~0005224

Still the case with 22.1.0
*llist jobs limit=1000 offset=2147483648

 Fatal error: cats/sql_list.cc:613 cats/sql_list.cc:613 query SELECT DISTINCT Job.JobId, Job.Job, Job.Name, Job.PurgedFiles, Job.Type, Job.Level, Job.ClientId, Client.Name as Client, Job.JobStatus, Job.SchedTime, Job.StartTime, Job.EndTime,Job.RealEndtime, CASE WHEN Job.endtime IS NOT NULL AND Job.endtime >= Job.starttime THEN Job.endtime - Job.starttime ELSE CURRENT_TIMESTAMP(0) - Job.starttime END as Duration, Job.JobTDate, Job.VolSessionId, Job.VolSessionTime, Job.JobFiles, Job.JobBytes, Job.JobErrors, Job.JobMissingFiles, Job.PoolId, Pool.Name as PoolName, Job.PriorJobId, Job.FileSetId, FileSet.FileSet FROM Job LEFT JOIN Client ON Client.ClientId=Job.ClientId LEFT JOIN Pool ON Pool.PoolId=Job.PoolId LEFT JOIN JobMedia ON JobMedia.JobId=Job.JobId LEFT JOIN Media ON JobMedia.MediaId=Media.MediaId LEFT JOIN FileSet ON FileSet.FileSetId=Job.FileSetId WHERE Job.JobId > 0 ORDER BY StartTime LIMIT 1000 OFFSET -2147483648; failed:
ERROR: OFFSET must not be negative

bruno-at-bareos

bruno-at-bareos

2023-07-19 14:14

manager   ~0005230

seems easy to fix atoi(jcr->offset) to a atol(jcr->offset)
bruno-at-bareos

bruno-at-bareos

2023-09-12 16:32

manager   ~0005420

Will be fixed in 23 see PR https://github.com/bareos/bareos/pull/1547

Issue History

Date Modified Username Field Change
2018-11-09 11:51 gnif New Issue
2019-11-11 19:33 joergs Status new => feedback
2019-11-11 19:33 joergs Note Added: 0003623
2019-11-11 22:57 gnif Note Added: 0003625
2019-11-11 22:57 gnif Status feedback => new
2019-11-12 15:26 joergs Note Added: 0003628
2019-11-12 15:27 joergs Assigned To => joergs
2019-11-12 15:27 joergs Status new => feedback
2019-11-12 15:30 joergs Note Added: 0003629
2019-11-26 12:35 joergs Assigned To joergs =>
2023-07-19 10:34 bruno-at-bareos Assigned To => bruno-at-bareos
2023-07-19 10:34 bruno-at-bareos Status feedback => acknowledged
2023-07-19 10:34 bruno-at-bareos Note Added: 0005224
2023-07-19 14:14 bruno-at-bareos Note Added: 0005230
2023-07-19 14:14 bruno-at-bareos Assigned To bruno-at-bareos =>
2023-07-19 14:14 bruno-at-bareos Assigned To => bruno-at-bareos
2023-07-19 14:14 bruno-at-bareos Status acknowledged => assigned
2023-09-12 16:32 bruno-at-bareos Status assigned => closed
2023-09-12 16:32 bruno-at-bareos Resolution open => fixed
2023-09-12 16:32 bruno-at-bareos Note Added: 0005420