Bug 4463 - sso code can get stuck in an infinite loop
Summary: sso code can get stuck in an infinite loop
Status: CLOSED DUPLICATE of bug 4462
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Other (show other bugs)
Version: 3.4.0
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.1.0
Assignee: Peter Åstrand
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-07 13:05 CET by Pierre Ossman
Modified: 2012-11-28 10:29 CET (History)
0 users

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Pierre Ossman cendio 2012-11-07 13:05:37 CET 
We noticed this when we had problems with evil users on the demo system and had to kill sessions aggressively. At that point we got a bunch of tl-set-sso-helper processes that were stuck in an infinite loop.

After some digging, the offending code is in sso.py in _encryption_key(). It reads the session key, and then duplicates it until it has 16 bytes. The problem is that it fails to handle a key that has been wiped (i.e. is zero characters long). It will then loop forever trying to make the string longer.
Comment 1 Pierre Ossman cendio 2012-11-20 11:51:31 CET 

*** This bug has been marked as a duplicate of bug 4462 ***
Note You need to log in before you can comment on or make changes to this bug.