#! /bin/sh
# PCP QA Test No. 193
# bogus pdus attacking pmcd causing core dump or looping pmcd
# pv 935490
#
# Copyright (c) 2005 Silicon Graphics, Inc. All Rights Reserved.
#
seq=`basename $0`
echo "QA output created by $seq"
# get standard environment, filters and checks
. ./common.product
. ./common.filter
. ./common.check
status=0 # success is the default!
trap "_cleanup; $sudo rm -f $tmp.*; exit \$status" 0 1 2 3 15
_stop_auto_restart pmcd
# and NO malloc() hardening ...
# vm33:
# false match on DoAttributes() -> __pmSendAttr() -> __pmUnpinPDUBuf() -> free()
# code path
#
case $PCP_PLATFORM
in
    openbsd)
        unset MALLOC_OPTIONS
        ;;
esac
_cleanup()
{
    if [ -n "$pmcd_pid" ]
    then
        $sudo kill -TERM $pmcd_pid
        pmcd_pid=''
        wait
    fi
    _restore_auto_restart pmcd
}
port=`_find_free_port`
echo "port=$port" >>$seq_full
# start a private pmcd in the background, no daemonizing
#
$sudo $PCP_PMCD_PROG -f -p $port -s $tmp.pmcd.socket -l $tmp.pmcd.log >$tmp.pmcd.out 2>&1 &
echo "sudo_pid=$!" >>$seq_full
_wait_for_pmcd 10 localhost $port || _exit 1
# because sudo's in the mix, we need the first child of sudo, but it
# is easier to get pmcd's pid from this line in pmcd's log file
# pmcd: PID = 22256, PDU version = 2
#
pmcd_pid=`sed <$tmp.pmcd.log -n -e '/^pmcd: PID = /{
s/,.*//
s/.* //
p
}'`
echo "pmcd_pid=$pmcd_pid" >>$seq_full
if [ -z "$pmcd_pid" ]
then
    echo "Arrgh, cannot get pmcd's pid from log file ... see $seq.full"
    _exit 1
fi
# turn pdu debugging on ...
#
pmstore -h localhost:$port pmcd.control.debug "pdu" >>$seq_full 2>&1 # pdu==1
# real QA test starts here
src/crashpmcd -p $port
# give pmcd a chance to deal with PDUs from crashpmcd
sleep 2
echo "pmcd out ===" >>$seq_full
cat $tmp.pmcd.out >>$seq_full
echo "pmcd log ===" >>$seq_full
cat $tmp.pmcd.log >>$seq_full
# pmcd may receive more PDU's from other clients before
# we disable the debug flags in _cleanup ... the awk
# at the end chops any trailing babble off
# Also the pmproxy PMDA (really the mmv PMDA) may complain
# about owning processes that have vanished ... this has
# nothing to do with this test
#
_filter_pmcd_log <$tmp.pmcd.log \
| sed \
    -e '1,/ok FD /d' \
    -e '/ok FD /d' \
    -e '/pmXmitPDU: ERROR/d' \
    -e '/pmXmitPDU: error/d' \
    -e '/pmXmitPDU: non-socket write() result -1/d' \
    -e '/pmGetPDU: ERROR/d' \
    -e '/pmGetPDU: TYPE/d' \
    -e '/^000:/d' \
    -e '/pmproxy: .*: owning process PID .* vanished/d' \
    -e 's/fd=[0-9][0-9]*/fd=N/' \
    -e '/HandleClientInput/s/client\[[0-9][0-9]*]/client[N]/' \
    -e 's/len=-1: Connection reset by peer.*/END-OF-FILE/' \
    -e 's/Connection reset by peer/Broken pipe/' \
    -e 's/have .*, want .*, got 0/END-OF-FILE/' \
    -e '/PMNS file "DEFAULT" is unchanged/d' \
| $PCP_AWK_PROG '
/len=201326592/                         { sentinel = 1 }
sentinel == 1 && ! /len=201326592/      { exit }
                                        { print }'
# success, all done
exit