Observed Buffer Corruption in Tuxedo Server Only on HP-UX Env When Length Is 232 or Higher

(Doc ID 2302353.1)

Last updated on SEPTEMBER 01, 2017

Applies to:

Oracle Service Architecture Leveraging Tuxedo (SALT) - Version 12.1.3 and later
Information in this document applies to any platform.

Symptoms

On SALT version 12.1.3, data corruption happens when the string is greater than 232 characters. The following error occurs only on HP-UX.

ERROR
-----------------------

125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1605: TRACE: Exiting <TRACE_FSM>
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1609: TRACE: :::<GW_GET_ALL_RDOM>:::enforcement check completed
125818.u30904!GWWS.28330.1.0: ERROR: _ecc_encrypt_custom error code -3
125818.u30904!AUTHSVR_SALT.6195.1.0: User is: user01
125818.u30904!AUTHSVR_SALT.6195.1.0: Ticket are: ÷6ŖĒFŧÚUģ´øÖ$éŧ<oÍd^¤lá#įi)9nĮNTŋ'Ü+Ąõķ{ LTfâåĄ÷ÖŌYŊa4ļæûŲÎ
  $Ē'áũMAĸøåsŪãü2 ėbÃfŧ^YEBÔĐÍuį2k~wYņ¨)ÜÍqbF"6hĐZy
ļdãŨÚî!nöVę2EÁO¤5Ŗ!Ķđ8ā.Î×ITĀũNdgBô¯d´ũúhũSŊ3ę_Ømúõ.žŊpBĻØ]%Dë
125818.u30904!AUTHSVR_SALT.6195.1.0: Clientname is: GWWSCLIENT
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1610: TRACE: :::<GW_GET_ALL_RDOM>:::authentication completed
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1605: TRACE: Exiting





STEPS
-----------------------
The issue can be reproduced at will with the following steps:

Server side:
===========

1. Setup the environment as per sample $TUXDIR/samples/salt/secsapp

2. In the UBB file, comment out the default AUTHSVR and configure the custom
AUTHSVR_SALT server (the complete UBB is attached):

*RESOURCES
SECURITY USER_AUTH
AUTHSVC "AUTHSVC_SALT"

*SERVERS
AUTHSVR_SALT SRVGRP=WSGRP
  SRVID=100
  CLOPT="-A"

3. Build the custom AUTH server 'AUTHSVR_SALT' (source code 'AUTHSVR.c' is attached) with the command below. This code just reads the user and password from the buffer and prints them to the ULOG, as in the sample output that follows:

buildserver -f AUTHSVR.c -o AUTHSVR_SALT -s AUTHSVC_SALT

164708.tapastest.idc.oracle.com!GWWS.2853.2065635072.0: TRACE:ws:SCO[4095] FSM State Transition:--OK-->WSSEPolicyCheck1
164708.tapastest.idc.oracle.com!AUTHSVR_SALT.2857.3104723392.0: User is: tapas
164708.tapastest.idc.oracle.com!AUTHSVR_SALT.2857.3104723392.0: Ticket are: Tapaspassword
164708.tapastest.idc.oracle.com!AUTHSVR_SALT.2857.3104723392.0: Clientname is: GWWSCLIENT
164708.tapastest.idc.oracle.com!GWWS.2853.2065635072.0: TRACE:ws:SCO[4095] FSM State Transition: --OK-->WSRMHandle1

4. Boot the server by 'tmboot -y'

5. Generate the WSDL file using the following command:
tmwsdlgen -c secsapp.wsdf -o stockapp.wsdl

Client side:
============
6. On the client side, use SoapUI to configure the authentication (a screenshot is provided):
A. Add the attached WSDL 'stockapp.wsdl' which is created from secsapp server application.
B. Select Auth tab on bottom left of SOAP Request window.
C. In authorization drop down list, choose "Add new ..." and then Choose "basic .."
D. In Pre-emptive auth choose "authenticate pre-emptively"
E. Provide Username and Password

If the password is set below 232 characters there is no issue; if it is more than 232, the password printed in the ULOG after "Ticket are" is junk. Output from the customer environment:

125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1605: TRACE: Exiting <TRACE_FSM>
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1609: TRACE: :::<GW_GET_ALL_RDOM>:::enforcement check completed
125818.u30904!GWWS.28330.1.0: ERROR: _ecc_encrypt_custom error code -3
125818.u30904!AUTHSVR_SALT.6195.1.0: User is: user01
125818.u30904!AUTHSVR_SALT.6195.1.0: Ticket are:
÷6REFtÚUg´øÖ$ét<oÍd^¤lá#ii)9nINT?'Ü+Aõk{ LTfâåA÷ÖOY?a4læûUÎ
  
  $E'áuMA?øåsUãü2 ebÃft^YEBÔÐÍui2k~wYn¨)ÜÍqbF"6hÐZy
ldãUÚî!nöVe2EÁO¤5R!Kd8a.Î×ITAuNdgBô¯d´uúhuS?3e_Ømúõ.¿?pBLØ]%Dë
125818.u30904!AUTHSVR_SALT.6195.1.0: Clientname is: GWWSCLIENT
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1610: TRACE: :::<GW_GET_ALL_RDOM>:::authentication completed
125818.u30904!GWWS.28330.5.0: TRACE:ws:GWWS_CAT:1605: TRACE: Exiting

Environment:

wsadmin -v
INFO: Oracle SALT, Version 12.1.3.0.0, 64-bit, Patch Level 018
INFO: Oracle Tuxedo, Version 12.1.3.0.0, 64-bit, Patch Level 055

OS: HP-UX Itanium V 11.31

The issue is observed in the HP-UX environment; on OEL 6 this issue does not happen.
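
To check an existing ULOG for the symptom shown in the excerpts above, the following added example (not part of the original document or of Oracle's code) groups ULOG lines into records and flags "Ticket are:" entries whose value is not printable ASCII or spills onto continuation lines. The function names and the sample log lines are constructed for illustration; the "Ticket are:" label is the one printed by the custom AUTHSVR_SALT server described in the steps.

```python
import re

# ULOG record prefix: HHMMSS.host!process.pid.thread.context: message
ULOG_RE = re.compile(r"^(\d{6})\.([^!\s]+)!([^.\s]+)\.(\d+)\.(\d+)\.(-?\d+): ?(.*)$")

def parse_ulog(text):
    """Group ULOG text into records; a line without a prefix continues the previous record."""
    records = []
    for line in text.split("\n"):
        m = ULOG_RE.match(line)
        if m:
            ts, host, proc, pid, _tid, _ctx, msg = m.groups()
            records.append({"time": ts, "host": host, "proc": proc, "pid": int(pid), "msg": msg})
        elif records and line.strip():
            records[-1]["msg"] += "\n" + line
    return records

def is_printable_ascii(value):
    return all(0x20 <= ord(ch) <= 0x7E for ch in value)

def find_corrupt_tickets(text, label="Ticket are:"):
    """Flag records whose ticket is not printable ASCII or spills onto continuation lines."""
    records = parse_ulog(text)
    # (time, host) pairs where the gateway logged the encryption error seen in the excerpts
    enc_errors = {(r["time"], r["host"]) for r in records
                  if "_ecc_encrypt_custom error" in r["msg"]}
    findings = []
    for r in records:
        if not r["msg"].startswith(label):
            continue
        ticket = r["msg"][len(label):].strip()
        if not is_printable_ascii(ticket):  # embedded newlines also fail this check
            findings.append({"time": r["time"], "pid": r["pid"], "ticket_chars": len(ticket),
                             "encrypt_error_same_second": (r["time"], r["host"]) in enc_errors})
    return findings

# Constructed sample: one clean login, then one with a constructed junk ticket.
SAMPLE = (
    "101500.hosta!AUTHSVR_SALT.6195.1.0: User is: user01\n"
    "101500.hosta!AUTHSVR_SALT.6195.1.0: Ticket are: ExamplePassword\n"
    "101730.hosta!GWWS.28330.1.0: ERROR: _ecc_encrypt_custom error code -3\n"
    "101730.hosta!AUTHSVR_SALT.6195.1.0: User is: user01\n"
    "101730.hosta!AUTHSVR_SALT.6195.1.0: Ticket are: \u00f76\u00d6$\u00e9<o\u00cdd^\n"
    "  $\u00e1MA\u00f8\u00e5s\n"
    "101730.hosta!AUTHSVR_SALT.6195.1.0: Clientname is: GWWSCLIENT\n"
)

if __name__ == "__main__":
    print(find_corrupt_tickets(SAMPLE))
```
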


Cause
