[Xymon] buffer overflow detected in xymongen (4.3.21)

Axel Beckert beckert at phys.ethz.ch
Thu Jul 2 15:49:17 CEST 2015 

Hi,

today our xymongen check went purple for about an hour. In the
xymongen.log I found tons of crash reports like this one:

*** buffer overflow detected ***: xymongen terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x731ff)[0x7f31a13fc1ff]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f31a147f4c7]
/lib/x86_64-linux-gnu/libc.so.6(+0xf46e0)[0x7f31a147d6e0]
xymongen[0x40d526]
xymongen[0x403b72]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f31a13aab45]
xymongen[0x40510c]
======= Memory map: ========
00400000-00445000 r-xp 00000000 fd:00 151583                             /usr/lib/xymon/server/bin/xymongen
00644000-00645000 r--p 00044000 fd:00 151583                             /usr/lib/xymon/server/bin/xymongen
00645000-00647000 rw-p 00045000 fd:00 151583                             /usr/lib/xymon/server/bin/xymongen
00647000-00658000 rw-p 00000000 00:00 0 
01ea3000-022fe000 rw-p 00000000 00:00 0                                  [heap]
7f31a0c26000-7f31a0c3c000 r-xp 00000000 fd:00 524307                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7f31a0c3c000-7f31a0e3b000 ---p 00016000 fd:00 524307                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7f31a0e3b000-7f31a0e3c000 rw-p 00015000 fd:00 524307                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7f31a0e3c000-7f31a0f68000 rw-p 00000000 00:00 0 
7f31a0f68000-7f31a0f80000 r-xp 00000000 fd:00 535294                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7f31a0f80000-7f31a117f000 ---p 00018000 fd:00 535294                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7f31a117f000-7f31a1180000 r--p 00017000 fd:00 535294                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7f31a1180000-7f31a1181000 rw-p 00018000 fd:00 535294                     /lib/x86_64-linux-gnu/libpthread-2.19.so
7f31a1181000-7f31a1185000 rw-p 00000000 00:00 0 
7f31a1185000-7f31a1188000 r-xp 00000000 fd:00 535286                     /lib/x86_64-linux-gnu/libdl-2.19.so
7f31a1188000-7f31a1387000 ---p 00003000 fd:00 535286                     /lib/x86_64-linux-gnu/libdl-2.19.so
7f31a1387000-7f31a1388000 r--p 00002000 fd:00 535286                     /lib/x86_64-linux-gnu/libdl-2.19.so
7f31a1388000-7f31a1389000 rw-p 00003000 fd:00 535286                     /lib/x86_64-linux-gnu/libdl-2.19.so
7f31a1389000-7f31a1528000 r-xp 00000000 fd:00 535301                     /lib/x86_64-linux-gnu/libc-2.19.so
7f31a1528000-7f31a1728000 ---p 0019f000 fd:00 535301                     /lib/x86_64-linux-gnu/libc-2.19.so
7f31a1728000-7f31a172c000 r--p 0019f000 fd:00 535301                     /lib/x86_64-linux-gnu/libc-2.19.so
7f31a172c000-7f31a172e000 rw-p 001a3000 fd:00 535301                     /lib/x86_64-linux-gnu/libc-2.19.so
7f31a172e000-7f31a1732000 rw-p 00000000 00:00 0 
7f31a1732000-7f31a179e000 r-xp 00000000 fd:00 524394                     /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f31a179e000-7f31a199e000 ---p 0006c000 fd:00 524394                     /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f31a199e000-7f31a199f000 r--p 0006c000 fd:00 524394                     /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f31a199f000-7f31a19a0000 rw-p 0006d000 fd:00 524394                     /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f31a19a0000-7f31a1b6b000 r-xp 00000000 fd:00 131288                     /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f31a1b6b000-7f31a1d6b000 ---p 001cb000 fd:00 131288                     /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f31a1d6b000-7f31a1d88000 r--p 001cb000 fd:00 131288                     /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f31a1d88000-7f31a1d98000 rw-p 001e8000 fd:00 131288                     /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f31a1d98000-7f31a1d9b000 rw-p 00000000 00:00 0 
7f31a1d9b000-7f31a1df1000 r-xp 00000000 fd:00 133362                     /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f31a1df1000-7f31a1ff1000 ---p 00056000 fd:00 133362                     /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f31a1ff1000-7f31a1ff4000 r--p 00056000 fd:00 133362                     /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f31a1ff4000-7f31a1ffb000 rw-p 00059000 fd:00 133362                     /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
7f31a1ffb000-7f31a201b000 r-xp 00000000 fd:00 535260                     /lib/x86_64-linux-gnu/ld-2.19.so
7f31a220b000-7f31a2210000 rw-p 00000000 00:00 0 
7f31a2217000-7f31a221b000 rw-p 00000000 00:00 0 
7f31a221b000-7f31a221c000 r--p 00020000 fd:00 535260                     /lib/x86_64-linux-gnu/ld-2.19.so
7f31a221c000-7f31a221d000 rw-p 00021000 fd:00 535260                     /lib/x86_64-linux-gnu/ld-2.19.so
7f31a221d000-7f31a221e000 rw-p 00000000 00:00 0 
7fff1cf05000-7fff1cf2d000 rw-p 00000000 00:00 0                          [stack]
7fff1cffc000-7fff1cffe000 r-xp 00000000 00:00 0                          [vdso]
7fff1cffe000-7fff1d000000 r--p 00000000 00:00 0                          [vvar]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

After ca. one hour it went yellow again with the following error
output: "symlink nongreen.xml->index.wml failed: Transport endpoint is
not connected". Shortly thereafter it went green again, but the
runtime is about 1.5 times as high as before.

xymon is installed from Debian's xymon packages.

Feel free to tell me what else could be helpful to track down this
bufferflow. I've found no (recent) core dump.

		Kind regards, Axel Beckert
-- 
Axel Beckert <beckert at phys.ethz.ch>       support: +41 44 633 26 68
IT Services Group, HPT H 6                  voice: +41 44 633 41 89
Departement of Physics, ETH Zurich
CH-8093 Zurich, Switzerland		   http://nic.phys.ethz.ch/

More information about the Xymon mailing list