View Issue Details

IDProjectCategoryView StatusLast Update
0001324bareos-core[All Projects] webuipublic2021-09-14 12:19
ReporterEmmanuel GaretteAssigned Tofrank 
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
PlatformLinux UbuntuOS20.04OS Version
Product Version20.0.0 
Fixed in Version 
Summary0001324: Infinite loop when trying to log with invalid account
DescriptionI'm using this community version of Webui: http://download.bareos.org/bareos/release/20/xUbuntu_20.04/

When I'm trying to log with invalid account, webui didn't return nothing and apache seems to run an infinite loop. The log file increases rapidly.

I think the problem is in this two lines:

          $send = fwrite($this->socket, $msg, $str_length);
         if($send === 0) {

The fwrite function returns false when an error provides (see: https://www.php.net/manual/en/function.fwrite.php ).

If a replace 0 by false, everything is ok.

In attachement a patch to solve this issues.
TagsNo tags attached.
bareos-master: impact
bareos-master: action
bareos-19.2: impact
bareos-19.2: action
bareos-18.2: impact
bareos-18.2: action
bareos-17.2: impact
bareos-17.2: action
bareos-16.2: impact
bareos-16.2: action
bareos-15.2: impact
bareos-15.2: action
bareos-14.2: impact
bareos-14.2: action
bareos-13.2: impact
bareos-13.2: action
bareos-12.4: impact
bareos-12.4: action

Relationships

related to 0001342 resolvedfrank Invalid login on webui causes apache2 error log to fill disk 
related to 0001383 closedarogge Release Bareos 18.2.12 
related to 0001384 closedarogge_adm Release Bareos 19.2.11 
related to 0001361 closedarogge Release Bareos 20.0.3 

Activities

Emmanuel Garette

Emmanuel Garette

2021-03-02 10:26

reporter  

webui.patch (483 bytes)
--- BareosBSock.php	2021-03-02 10:16:20.195329949 +0100
+++ /usr/share/bareos-webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php	2021-03-02 10:16:46.147329949 +0100
@@ -217,7 +217,7 @@
       $str_length += 4;
       while($this->socket && $str_length > 0) {
          $send = fwrite($this->socket, $msg, $str_length);
-         if($send === 0) {
+         if($send === false) {
             fclose($this->socket);
             $this->socket = null;
             return false;
webui.patch (483 bytes)
frank

frank

2021-06-28 15:22

manager   ~0004163

Fix committed to bareos master branch with changesetid 15006.
frank

frank

2021-06-29 14:22

manager   ~0004165

Fix committed to bareos bareos-19.2 branch with changesetid 15017.

Related Changesets

bareos: master 2f582786

2021-06-10 13:41:12

frank

Ported: N/A

Details Diff
webui: Fix infinite loop when trying to log in with invalid account

Close socket on fwrite() error. fwrite() returns the number of bytes
written, or false on error.

Fixes 0001324: Infinite loop when trying to log with invalid account
Affected Issues
0001324
mod - webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php Diff File

bareos: bareos-18.2 13d976ae

2021-06-10 13:41:12

frank

Ported: N/A

Details Diff
webui: Fix infinite loop when trying to log in with invalid account

Close socket on fwrite() error. fwrite() returns the number of bytes
written, or false on error.

Fixes 0001324: Infinite loop when trying to log with invalid account

(cherry picked from commit 2f58278669d3adbc0ae167289cc0c34c74ebf7c4)
Affected Issues
0001324
mod - webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php Diff File

bareos: bareos-19.2 c8217219

2021-06-10 13:41:12

frank

Ported: N/A

Details Diff
webui: Fix infinite loop when trying to log in with invalid account

Close socket on fwrite() error. fwrite() returns the number of bytes
written, or false on error.

Fixes 0001324: Infinite loop when trying to log with invalid account

(cherry picked from commit 2f58278669d3adbc0ae167289cc0c34c74ebf7c4)
Affected Issues
0001324
mod - webui/vendor/Bareos/library/Bareos/BSock/BareosBSock.php Diff File

Issue History

Date Modified Username Field Change
2021-03-02 10:26 Emmanuel Garette New Issue
2021-03-02 10:26 Emmanuel Garette File Added: webui.patch
2021-04-29 10:56 frank Assigned To => frank
2021-04-29 10:56 frank Status new => assigned
2021-06-16 17:20 frank Relationship added related to 0001342
2021-06-28 15:22 frank Changeset attached => bareos master 2f582786
2021-06-28 15:22 frank Note Added: 0004163
2021-06-28 15:22 frank Status assigned => resolved
2021-06-28 15:22 frank Resolution open => fixed
2021-06-29 14:22 frank Changeset attached => bareos bareos-18.2 13d976ae
2021-06-29 14:22 frank Changeset attached => bareos bareos-19.2 c8217219
2021-06-29 14:22 frank Note Added: 0004165
2021-09-13 10:38 arogge Relationship added related to 0001383
2021-09-14 10:54 arogge_adm Relationship added related to 0001384
2021-09-14 12:19 arogge_adm Relationship added related to 0001361