Web Agent crashes when the FQDN requested is more than 256 chars

Document ID:  TEC1608399
Last Modified Date:  07/13/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Single Sign-On

Releases

  • CA Single Sign-On:Release:12.52 SP1

Components

  • SITEMINDER -WEB AGENT FOR APACHE:SMAPC
Issue:

I run a Web Agent, and if this one received a request for which the FQDN of the hostname is greater than 256 chars, then I see the Web Agent crashing.

 

WebAgentTrace.log

 

[10/12/2015][09:28:23][12761][1326524192][CSmHttpPlugin.cpp:475][CSmHttpPlugin::ProcessResource][00000000000000000000000013d4830a-31d9-561bb577-4f112720-461445bc7f27][][][][][][Resolved hostname: 'TestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServer.ca.com'.]

 

WebAgent.log

 

[12761/1326524192][Mon Oct 12 2015 09:28:21][CSmHighLevelAgent.cpp:192][INFO][sm-AgentFramework-00380] HLA: Initialization complete.

 

SunOne Web Server log :

 

catastrophe: CORE3260: Server crash detected (signal SIGSEGV)

 

Why is this happening ? How can I solve this ?

 

Cause:

The Web Agent doesn't impose restriction on the lenght of the Hostname, and as such it crashes.

Resolution:

Upgrade to Web Agent 12.52SP1CR04 to benifit the following fix which includes a correction for this crash too. It adds a limitation to the hostname lenght. Having this fix, you'll see the following lines :

 

WebAgentTrace.log

 

[10/13/2015][02:59:36][3559][2563987232][CSmHttpPlugin.cpp:399][CSmHttpPlugin::ProcessResource][00000000000000000000000013d4830a-0de7-561cabd8-98d35720-23033f6a11d3][][][][][][Resolved HTTP_HOST: 'TestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServer.ca.com'.]

 

[10/13/2015][02:59:36][3559][2563987232][CSmHttpPlugin.cpp:5254][Hostname length exceeds maximum length per RFC:1035 sHost: ][][][][][][][TestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServerTestWebServer.ca.com]

 

WebAgent.log

 

[3559/2563987232][Tue Oct 13 2015 02:59:36][CSmHttpPlugin.cpp:406][ERROR][sm-HTTPAgent-00030] Unable to resolve fully qualified host name. Exiting with HTTP 500 server error '00-0016'.

[3559/2563987232][Tue Oct 13 2015 02:59:36][CSmResourceManager.cpp:151][WARNING][sm-AgentFramework-00480] HLA: Missing resource data.

[3559/2563987232][Tue Oct 13 2015 02:59:36][CSmHttpPlugin.cpp:406][ERROR][sm-HTTPAgent-00030] Unable to resolve fully qualified host name. Exiting with HTTP 500 server error '00-0016'.

[3559/2563987232][Tue Oct 13 2015 02:59:36][CSmResourceManager.cpp:151][WARNING][sm-AgentFramework-00480] HLA: Missing resource data.

 

This fix is included in the following Fix: 

Vulnerability in SMAUTHREASON is Exposed to Attack

The web agent vulnerability in SMAUTHREASON with non-numeric data is exposed to JSP/JavaScript attack.

 STAR Issue: 21589939-01, 21474394-01

 RTC Issue: 137831, 137834/DE72676, DE72835

 

Vulnerability in SMAUTHREASON is Exposed to Attack

Additional Information:

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >

Chat with CA

Just give us some brief information and we'll connect you to the right CA ExpertCA sales representative.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing