Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

blackbox corruption protection insufficient #237

Open
jnpkrn opened this issue Nov 28, 2016 · 5 comments
Open

blackbox corruption protection insufficient #237

jnpkrn opened this issue Nov 28, 2016 · 5 comments
Labels
design

Comments

@jnpkrn
Copy link
Contributor

jnpkrn commented Nov 28, 2016

See
https://travis-ci.org/jnpkrn/libqb/jobs/178981147#L1766

 ==== Corrupt blackbox test 31/32 ====
Dumping the contents of butchered_blackbox.fdata
[debug] shm size:8192; real_size:8192; rb->word_size:2048
[debug] read total of: 8212
Ringbuffer: 
 ->NORMAL
 ->write_pt [1392]
 ->read_pt [1530]
 ->size [2048 words]
 =>free [548 bytes]
 =>used [7636 bytes]
trace   Jun 23 00:44:20 func_onu���8X(36):2295333028: arrrg!
error   Nov 26 02:26:44 func_one9��8X(38):1644167343: oo+s� I�d-d it aga`n
ERROR: qb_rb_chunk_read failed: Connection timed out
[trace] ENTERING qb_rb_close()
[debug] Free'ing ringbuffer: /dev/shm/qb-create_from_file-header
@jnpkrn
Copy link
Contributor Author

jnpkrn commented Nov 29, 2016

This part definitely needs more love:

https://copr-be.cloud.fedoraproject.org/results/%40ClusterLabs/devel/epel-7-x86_64/00482520-libqb/build.log.gz

 ==== Corrupt blackbox test 14/32 ====
[debug] shm size:8192; real_size:8192; rb->word_size:2048
[debug] read total of: 8212
./blackbox-segfault.sh: line 17: 23805 Segmentation fault      (core dumped) ../tools/qb-blackbox butchered_blackbox.fdata
FAIL blackbox-segfault.sh (exit status: 1)

@jnpkrn
Copy link
Contributor Author

jnpkrn commented Nov 30, 2016

One of the ideas would be to add a cryptographic digest in addition
to mere checksum + perhaps add --ignore-digest and --ignore-checksum
switches that would allow to ignore the respective nonmatching value
at one's risk -- it would also be handy to have something like
--ascii-only that would substitute non-ascii characters in the deemed
output with a selected byte (e.g. ~ being the default).

@sdake
Copy link

sdake commented Oct 27, 2017

@jnpkrn a digital signature would be expensive, as the idea of the blackbox is to record all information coming from the system in realtime - even if the data doesn't quite make it to disk. The solutions you mentioned for ascsi-ifying the text output would probably be helpful and some other guards in place around memory boundaries when printing log messages.

Cheers
-steve

@jnpkrn jnpkrn added the design label Dec 15, 2017
@jnpkrn
Copy link
Contributor Author

jnpkrn commented Feb 12, 2018

For posterity, Python decides to stick with SipHash
to hash the source file for comparison against bytecode mark.

@jnpkrn jnpkrn mentioned this issue Aug 24, 2018
Closed
@jnpkrn
Copy link
Contributor Author

jnpkrn commented Dec 21, 2018

And one of stand-alone implementations thereof:
https://github.com/c-util/c-siphash

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
design
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sdake @jnpkrn