Issue Details (XML | Word | Printable)

Key: CORE-4643
Type: Bug Bug
Status: Open Open
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Pavel Zotov
Votes: 0
Watchers: 3

If you were logged in you would be able to see more operations.
Firebird Core

Memory leak in FB 3.0 under brute-force attack

Created: 19/Dec/14 06:44 PM   Updated: 24/Dec/14 02:22 PM
Component/s: Security
Affects Version/s: None
Fix Version/s: None

File Attachments: 1. Zip Archive (154 kB)

 Description  « Hide
 LI-T6.3.0.31474 Firebird 3.0 Beta 2

Batch for opening N windows with ISQLs, each generates random pair {login, password} and tries to connect:

----- brute-force.bat -----
@echo off

setlocal enabledelayedexpansion enableextensions

set winq=%1
@rem default number of windows:
if .%1.==.. set winq=10

@rem Replace with your own:

@rem where FB console utilities are:
set fbc=C:\1INSTALL\FB30SNAP

@rem Settings for connect:
set host=
set port=3333
set dbnm=oltp30

set sql=tmp-brute-force.sql
@rem Dummy command for isql immediately quit when login fails:
echo set list on; select * from mon$database;>%sql%

for /l %%i in (1, 1, %winq%) do (
   start /min brute-force-worker.bat %%i %fbc% %host% %port% %dbnm% %sql%
----- end of brute-force.bat -----

Worker batch that launches single ISQL (NB: env. variable %TEMP% has to be defined):
----- brute-force-worker.bat -----
@echo off
set sn=%1
set fbc=%2
set host=%3
set port=%4
set dbnm=%5
set sql=%6
set logdir=%temp%\hack30
md %logdir% 2>nul
set /a k=1000+%sn
set log=%logdir%\hack_%k:~1,3%.log
del %log% 2>nul
  echo window # %sn%
  echo #############
  set usr=%random%
  set pwd=%random%
  echo %time% before attempt to hack with usr=%usr% and pwd=%pwd%>>%log%
  @echo on
  %fbc%\isql %host%/%port%:%dbnm% -i %sql% -user %usr% -pas %pwd% 2>>%log% 1>>&2
  @echo off
  echo after attempt to hack: %time%>>%log%
goto m1
----- end of brute-force-worker.bat -----

brute-force.bat 150

Shell sctipt running on Linux for getting memory consumption of process 'firebird' (subdirectory 'logs' has to be exist):

$ cat
log=./logs/$fbn.memo_usage.$(date +'%y%m%d_%H%M%S').log
rm -f $log
while :
  supertee -a -n $log echo $(date +'%y%m%d_%H%M%S') $(pmap -d $(pgrep $fbn)|tail -1)
  sleep $relax

After brute-force.bat running several hours one may see that memory usage grows - see in attach files 'firebird-*.memo_usage*.log'.
I've run this test both on Release and Debug builds. The latter creates special debugu file 'memdebug' - it's also in attach.

PS. There is NO such problem on LI-V6.3.4.26821 Firebird 2.5.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Mark Rotteveel added a comment - 24/Dec/14 02:02 PM
Could you please use the actual Firebird version numbers, and not the 'legacy' version numbers reported for Interbase compatibility

Pavel Zotov added a comment - 24/Dec/14 02:22 PM

where do you see 'actual' and 'legacy' version numbers ?

I run isql from FB folder (i.e. on server), connect to database and get:

SQL> show version;
ISQL Version: LI-T3.0.0.31474 Firebird 3.0 Beta 2
Server version:
Firebird/Linux/AMD/Intel/x64 (access method), version "LI-T3.0.0.31474 Firebird 3.0 Beta 2"
Firebird/Linux/AMD/Intel/x64 (remote server), version "LI-T3.0.0.31474 Firebird 3.0 Beta 2/tcp (oel64)/P13"
Firebird/Linux/AMD/Intel/x64 (remote interface), version "LI-T3.0.0.31474 Firebird 3.0 Beta 2/tcp (oel64)/P13"
on disk structure version 12.0

Which kind of version number does ISQL report ?