Crash due to SSqore Category API, Trying to Categorize Forged Domain of size greater than 255 Char
Posted: Wed Feb 19, 2020 10:53 am
Hello All,
I Accidentally Found an UNExpected & UnLogged Crash in SafeSquid Service.
While I was working adding websites to private categories.
I accidentally pasted a string of characters(copied from a file) into the Website name field and clicked on search,
and after that, I saw nothing was responding, I then checked SafeSquid Service Status, SafeSquid Service was DEAD.
I went through the Logs and saw the below lines
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2020 02 19 16:07:57.323 [4] profiles: Time Profiles: Added Profile: YOUTUBE STREAMING HOURS
2020 02 19 16:07:57.323 [4] debug: header: header_get:1024 from client[192.168.0.17]
2020 02 19 16:07:57.323 [4] debug: header: [IP:192.168.0.17] [request:23] header_get(client):
POST http://safesquid.cfg/ HTTP/1.1
Host: safesquid.cfg
Proxy-Connection: keep-alive
Content-Length: 303
Pragma: no-cache
Cache-Control: no-cache
Accept: application/xml, text/xml, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://safesquid.cfg
Referer: http://safesquid.cfg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
2020 02 19 16:07:57.323 [4] debug: network: net_filebuf_read: 192.168.0.17 -> safesquid.cfg [303.000B in 0.0100ms] [speed: 30.3000MBps] loops:1 BPR:303
2020 02 19 16:07:57.323 [4] debug: request: buffered: POSTDATA:303 bytes
2020 02 19 16:07:57.323 [4] debug: interface: [IP:192.168.0.17] [http://safesquid.cfg:80/]
2020 02 19 16:07:57.323 [4] debug: interface: invoke_handler:89 [category_manager]
2020 02 19 16:07:57.323 [4] debug: category: private categorization: categories :[none]
2020 02 19 16:07:57.323 [4] debug: module: ssqore:categorise a.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Test Case [String Used for Testing]
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
a.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Log Lines in Syslog
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Feb 19 16:07:57 proxy248-190 kernel: [346704.661119] traps: safesquid[2774] general protection ip:7f925434da4a sp:7f924d6ba5c0 error:0 in libc-2.19.so[7f925423f000+1be000]
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Closing Thoughts:
------------------------
I am personally Not Sure due to what the Crash happened.
But it resulted in some very UnExpected results.
As per the log lines, SSQORE web categorization is where the logs stopped.
In order to find the Root Cause,
I went to another machine and did the same Test, BUT there was NO Crash.
The ONLY difference between both these machines are they use Different Categorization Engine and the CRASH was due to SSQORE Categorization Engine.
In any Ways, There should be a Proper Validation on the Input, A forged Domain that does not EXIST should not be categorized as it may lead to UNExpected Results and CRASH as well.
Such Forged Domains if added to Private Category, might Break any other Feature in any other Section.
Client-Side Validation, as well as Server-Side Validation, needs to be done on these kinds of Problematic cases.
Logs are attached below:
I Accidentally Found an UNExpected & UnLogged Crash in SafeSquid Service.
While I was working adding websites to private categories.
I accidentally pasted a string of characters(copied from a file) into the Website name field and clicked on search,
and after that, I saw nothing was responding, I then checked SafeSquid Service Status, SafeSquid Service was DEAD.
I went through the Logs and saw the below lines
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2020 02 19 16:07:57.323 [4] profiles: Time Profiles: Added Profile: YOUTUBE STREAMING HOURS
2020 02 19 16:07:57.323 [4] debug: header: header_get:1024 from client[192.168.0.17]
2020 02 19 16:07:57.323 [4] debug: header: [IP:192.168.0.17] [request:23] header_get(client):
POST http://safesquid.cfg/ HTTP/1.1
Host: safesquid.cfg
Proxy-Connection: keep-alive
Content-Length: 303
Pragma: no-cache
Cache-Control: no-cache
Accept: application/xml, text/xml, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://safesquid.cfg
Referer: http://safesquid.cfg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
2020 02 19 16:07:57.323 [4] debug: network: net_filebuf_read: 192.168.0.17 -> safesquid.cfg [303.000B in 0.0100ms] [speed: 30.3000MBps] loops:1 BPR:303
2020 02 19 16:07:57.323 [4] debug: request: buffered: POSTDATA:303 bytes
2020 02 19 16:07:57.323 [4] debug: interface: [IP:192.168.0.17] [http://safesquid.cfg:80/]
2020 02 19 16:07:57.323 [4] debug: interface: invoke_handler:89 [category_manager]
2020 02 19 16:07:57.323 [4] debug: category: private categorization: categories :[none]
2020 02 19 16:07:57.323 [4] debug: module: ssqore:categorise a.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Test Case [String Used for Testing]
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
a.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Log Lines in Syslog
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Feb 19 16:07:57 proxy248-190 kernel: [346704.661119] traps: safesquid[2774] general protection ip:7f925434da4a sp:7f924d6ba5c0 error:0 in libc-2.19.so[7f925423f000+1be000]
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Closing Thoughts:
------------------------
I am personally Not Sure due to what the Crash happened.
But it resulted in some very UnExpected results.
As per the log lines, SSQORE web categorization is where the logs stopped.
In order to find the Root Cause,
I went to another machine and did the same Test, BUT there was NO Crash.
The ONLY difference between both these machines are they use Different Categorization Engine and the CRASH was due to SSQORE Categorization Engine.
In any Ways, There should be a Proper Validation on the Input, A forged Domain that does not EXIST should not be categorized as it may lead to UNExpected Results and CRASH as well.
Such Forged Domains if added to Private Category, might Break any other Feature in any other Section.
Client-Side Validation, as well as Server-Side Validation, needs to be done on these kinds of Problematic cases.
Logs are attached below: