bip crash with "FATAL: Failed assetion in src/irc.c(2447): n

Here is the debdiff that contains the CVE backport from quantal.

I'm currently running with the above debdiff on my server, and all appears to be going well.

Uploaded with a few modifications.

Hello Dave, or anyone else affected,

Accepted bip into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/bip/0.8.8-1ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

The proposed package is now installed on my server machine. I will verify in a week if any more crashes have occurred.

Hi Stéphane - this should go through precise-security instead of precise-updates. Can we put a stop on the SRU process and allow a security team member sponsor this for precise-security?

Since this is a security fix, it needs to be built and released in the -security pocket.

I have rebuilt this as a security update, and have released it, superseding the -proposed package.

Thanks!

Well sorry to burst everyone's bubble, but my bip server just crashed again this morning.

The end of the log looks like this
05-11-2013 10:26:04 ERROR: Error in SSL handshake.
05-11-2013 10:26:04 ERROR: Error on fd 35 (state 3)
05-11-2013 10:26:04 ERROR: client read_lines error, closing...
....
06-11-2013 06:34:05 ERROR: Error in SSL handshake.
06-11-2013 06:34:05 ERROR: Error on fd 1022 (state 3)
06-11-2013 06:34:05 ERROR: client read_lines error, closing...
06-11-2013 06:34:10 ERROR: Error in SSL handshake.
06-11-2013 06:34:10 ERROR: Error on fd 1023 (state 3)
06-11-2013 06:34:10 ERROR: client read_lines error, closing...
06-11-2013 06:34:15 FATAL: accept failed: Too many open files

I think the fix is still necessary, as it clearly was never pulled from quantal, but I think there may be something else necessary as well.

So the patch appears to have fixed the failed assertion, but the source of the problem still appears to have been a file descriptor leak. Discussed upstream here.
https://projects.duckcorp.org/issues/261

I'm now testing with this additional fix. And things appear to be fixed. I'm not longer seeing broken file handles in /proc/<pid>/fd for bip.

I think we should include this additional fix before releasing to updates.

I'm fairly certain this issue is being caused by time warner *(or an attacker with a time warner IP) port scanning my machine. It's connecting to the port, failing the ssl handshake, and bip leaks the FD. Not sure if the SRU team or the security team wants to take the fix.

As this can be considered a DoS vulnerability here are the debdiffs for q, r, and s as well. Trusty already has this fix.

ACK on the debdiffs. I will push them as security updates with some minor changelog changes. Thanks!

This bug was fixed in the package bip - 0.8.8-1ubuntu0.3

---------------
bip (0.8.8-1ubuntu0.3) precise-security; urgency=low

  * SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
    socket, and never close the connection. (LP: #1247888)
    - debian/patches/sslfailurefdleak.patch: properly close connection in
      src/connection.c.
    - CVE number pending
 -- Dave Chiluk <email address hidden> Thu, 07 Nov 2013 14:50:18 -0600

This bug was fixed in the package bip - 0.8.8-2ubuntu0.13.04.1

---------------
bip (0.8.8-2ubuntu0.13.04.1) raring-security; urgency=low

  * SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
    socket, and never close the connection. (LP: #1247888)
    - debian/patches/sslfailurefdleak.patch: properly close connection in
      src/connection.c.
    - CVE number pending
 -- Dave Chiluk <email address hidden> Fri, 08 Nov 2013 10:57:55 -0600

This bug was fixed in the package bip - 0.8.8-2ubuntu1.1

---------------
bip (0.8.8-2ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
    socket, and never close the connection. (LP: #1247888)
    - debian/patches/sslfailurefdleak.patch: properly close connection in
      src/connection.c.
    - CVE number pending
 -- Dave Chiluk <email address hidden> Fri, 08 Nov 2013 11:02:00 -0600

This bug was fixed in the package bip - 0.8.8-2ubuntu0.12.10.1

---------------
bip (0.8.8-2ubuntu0.12.10.1) quantal-security; urgency=low

  * SECURITY UPDATE: Failed SSL handshake causes bip to write to a random
    socket, and never close the connection. (LP: #1247888)
    - debian/patches/sslfailurefdleak.patch: properly close connection in
      src/connection.c.
    - CVE number pending
 -- Dave Chiluk <email address hidden> Fri, 08 Nov 2013 11:06:30 -0600