-
Notifications
You must be signed in to change notification settings - Fork 387
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
seg fault if digest auth contains "charset" #200
Comments
Do you know how to get a stack trace out of the core dump? If so, could you
reply with it?
…On Wed, Oct 13, 2021 at 7:01 AM User65k ***@***.***> wrote:
Hi,
I tried to run siege against an lighttpd with digest authentication.
That results in
HTTP/1.0 401 Unauthorized
WWW-Authenticate: Digest realm="###", charset="UTF-8", nonce="###", qop="auth"
Content-Type: text/html
Content-Length: 347
Connection: close
Date: Wed, 13 Oct 2021 10:56:28 GMT
Server: lighttpd/1.4.53
unknown key [charset]
zsh: segmentation fault (core dumped) siege -g http://###/
Sources:
- https://github.com/JoeDog/siege/blob/master/src/auth.c#L1103
-
https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/4b412797b80676d41dd08cc83d530d4b4710581d?style=split&whitespace=
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#200>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABJRHZSRGIHMP2NLHJDADOTUGVRKFANCNFSM5F44XAGQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
--
Jeff Fulmer
1-717-799-8226
https://www.joedog.org/
He codes
|
Sure:
|
Do you have a hunch as to what character is causing this?
…On Thu, Oct 14, 2021 at 4:30 AM User65k ***@***.***> wrote:
Sure:
PID: 17558 (siege)
Signal: 11 (SEGV)
Command Line: siege -g http://###/
Executable: /usr/bin/siege
Message: Process 17558 (siege) of user 1000 dumped core.
Stack trace of thread 17559:
#0 0x00007fa89850b12d __strcasecmp_l_avx (libc.so.6 + 0x15d12d)
#1 0x0000557c96fc1208 __get_h_a1.isra.0 (siege + 0x1e208)
#2 0x0000557c96fb196e auth_get_digest_header.part.0 (siege + 0xe96e)
#3 0x0000557c96fb48c9 http_get (siege + 0x118c9)
#4 0x0000557c96fb7f95 __http (siege + 0x14f95)
#5 0x0000557c96fb829c __http (siege + 0x1529c)
#6 0x0000557c96fb8c12 start (siege + 0x15c12)
#7 0x0000557c96faf191 crew_thread (siege + 0xc191)
#8 0x00007fa89892b299 start_thread (libpthread.so.0 + 0x9299)
#9 0x00007fa8984ae353 __clone (libc.so.6 + 0x100353)
Stack trace of thread 17558:
#0 0x00007fa898937a8a __futex_abstimed_wait_common64 (libpthread.so.0 + 0x15a8a)
#1 0x00007fa89892c793 __pthread_clockjoin_ex (libpthread.so.0 + 0xa793)
#2 0x0000557c96fabe31 main (siege + 0x8e31)
#3 0x00007fa8983d5b75 __libc_start_main (libc.so.6 + 0x27b75)
#4 0x0000557c96fad6fe _start (siege + 0xa6fe)
Stack trace of thread 17560:
#0 0x00007fa8983ec062 __sigtimedwait (libc.so.6 + 0x3e062)
#1 0x00007fa89893555c sigwait (libpthread.so.0 + 0x1355c)
#2 0x0000557c96fb0c4a sig_handler (siege + 0xdc4a)
#3 0x00007fa89892b299 start_thread (libpthread.so.0 + 0x9299)
#4 0x00007fa8984ae353 __clone (libc.so.6 + 0x100353)
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#200 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABJRHZXVXAJBGQPIND4IUWDUG2IKBANCNFSM5F44XAGQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
--
Jeff Fulmer
1-717-799-8226
https://www.joedog.org/
He codes
|
No, but maybe the registers help?
|
Seems like the |
Thanks, I'll check it out.
…On Mon, Oct 18, 2021 at 3:56 AM User65k ***@***.***> wrote:
Seems like the algorithm key is missing and thats causing the seg vault
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#200 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABJRHZXPRTHNGQ5TWBHEXT3UHPHK3ANCNFSM5F44XAGQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
--
Jeff Fulmer
1-717-799-8226
https://www.joedog.org/
He codes
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I tried to run siege against an lighttpd with digest authentication.
That results in
Sources:
The text was updated successfully, but these errors were encountered: