Should legal app crashing XP be considered a security issue?


Roy Terry

I'm currently working to troubleshoot an apparently valid application that merely creates a very large number of files, which causes XP Pro to "hang" in less than an hour. (It is not running out of disk space.)

Should this be considered a security type issue? I am asking this question to gain perspective on how to go about solving the issue.

Thanks,
Roy Terry

The original posting is here:
http://groups-beta.google.com/group...84676ea8063/de4c88378e4fa1ce#de4c88378e4fa1ce

And I have also posted a general inquiry today in
microsoft.public.windowsxp.perform_maintain
 
I would say it would only be a security issue if such a program could be
placed on and run from your machine from outside. My guess... a resource
leak in the Windows implementation of Tcl. Monitor the process for some
resource type that isn't being reclaimed. Probably more of a programming or
performance issue than security.
 
Roy said:
> I'm currently working to troubleshoot an apparently valid application
> that merely creates a very large number of files, which causes XP Pro
> to "hang" in less than an hour. (It is not running out of disk space.)
>
> Should this be considered a security type issue? I am asking this
> question to gain perspective on how to go about solving the issue.

Hi, Roy. I wouldn't say offhand that this is a security issue. If this
program is the only one that gives you a problem, it is probably
something with that particular application. What is its name? Can you
contact the app's tech support or look on the mftr.'s website to see if
this is a known issue? Did the program ever work correctly? If so, what
changed?

Malke
 
Malke said:
> Hi, Roy. I wouldn't say offhand that this is a security issue. If this
> program is the only one that gives you a problem, it is probably
> something with that particular application. What is its name? Can you
> contact the app's tech support or look on the mftr.'s website to see if
> this is a known issue? Did the program ever work correctly? If so, what
> changed?
>
> Malke

Take a look at the link in the original post, it's a Tcl file system stress
test... creates 3600 files in a folder in an hour then creates a new folder
and starts over... probably some resource leak in Tcl or how the test is
doing it.
 
Dave said:
> I would say it would only be a security issue if such a program could be
> placed on and run from your machine from outside. My guess... a resource
> leak in the Windows implementation of Tcl. Monitor the process for some
> resource type that isn't being reclaimed. Probably more of a programming or
> performance issue than security.

Any suggestions as to tools or particular resources? I'm mainly using
procexp.exe from sysinternals.com. I'm looking at memory and at
handles - not sure what else I might need to be examining.

Thanks for your response.

Roy
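
An added example, not part of the original thread: one way to follow the advice above about watching for a resource that isn't being reclaimed is to log the handle count and private bytes of the process at fixed intervals (for instance, as read from Process Explorer) and check which series climbs steadily. The sample values, thresholds and function names are constructed for illustration.

```python
"""Flag process resources that grow steadily across samples (possible leak)."""

# Constructed samples, not measurements from the thread:
# (seconds since start, open handles, private bytes in KB) for one process.
SAMPLES = [
    (0,   410, 25100),
    (60,  442, 25480),
    (120, 471, 24950),
    (180, 503, 25300),
    (240, 530, 25020),
    (300, 565, 25410),
    (360, 596, 25150),
    (420, 624, 25390),
]
COLUMNS = {"handles": 1, "private_kb": 2}


def slope_per_minute(times, values):
    """Least-squares slope of values against time, in units per minute."""
    n = len(times)
    mean_t = sum(times) / n
    mean_v = sum(values) / n
    cov = sum((t - mean_t) * (v - mean_v) for t, v in zip(times, values))
    var = sum((t - mean_t) ** 2 for t in times)
    return 60.0 * cov / var


def rising_fraction(values):
    """Share of consecutive sample pairs in which the value went up."""
    ups = sum(1 for a, b in zip(values, values[1:]) if b > a)
    return ups / (len(values) - 1)


def leak_report(samples, min_rising=0.9, min_growth=0.2):
    """Return {resource: (slope per minute, rising fraction, growth, suspect)}."""
    if len(samples) < 3:
        raise ValueError("need at least three samples to judge a trend")
    times = [row[0] for row in samples]
    report = {}
    for name, idx in COLUMNS.items():
        values = [row[idx] for row in samples]
        growth = (values[-1] - values[0]) / max(values[0], 1)
        rising = rising_fraction(values)
        # Suspect only if the series rises almost every interval AND has
        # grown well past its starting level; noisy plateaus fail both.
        suspect = rising >= min_rising and growth >= min_growth
        report[name] = (slope_per_minute(times, values), rising, growth, suspect)
    return report
```

On the constructed data the handle series is flagged (it rises in every interval, by about 30 handles per minute) while private bytes, which only fluctuate around a level, are not.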
 
Malke said:
> Hi, Roy. I wouldn't say offhand that this is a security issue. If this
> program is the only one that gives you a problem, it is probably
> something with that particular application. What is its name? Can you
> contact the app's tech support or look on the mftr.'s website to see if
> this is a known issue? Did the program ever work correctly? If so, what
> changed?

Well I am the developer of the app as written in Tcl. I have also posted
the program to the comp.lang.tcl NG so I'm hoping for good clues
from those readers. It's definitely not a (commonly) known issue.

Cheers and thanks,
Roy
 
Dave said:
> Take a look at the link in the original post, it's a Tcl file system stress
> test... creates 3600 files in a folder in an hour then creates a new folder
> and starts over... probably some resource leak in Tcl or how the test is
> doing it.

That's fairly close - thanks for checking up. Actually the app
creates about 300 files *per second* with each file in a separate folder.
Then the next second it adds another file to each of the 300 directories.
When the clock hour changes it creates a new set of sibling folders and
continues at the same rate. Unfortunately in most tests I've run on XP Pro
it never gets to the second hour :)

I agree this looks like a resource leak of some sort, I'm just a bit
uninformed about how to best nab the culprit. Is there a "truss" like
tool for Windows XP? I am suspicious that Tcl is using the Windows I/O
calls in some subtly "non-grooved" (non common) way that is exposing a
bug in XP (or call it a bug in Tcl if you like - I just need to solve
it :^) . Sensible?

Thanks,
Roy
 
Roy said:
> Well I am the developer of the app as written in Tcl. I have also
> posted the program to the comp.lang.tcl NG so I'm hoping for good
> clues from those readers. It's definitely not a (commonly) known issue.

Thanks for clarifying. As you say, this isn't a common issue and you'll
get more help developer-to-developer since you all speak the same
language ;-).

Good luck,

Malke
 
Roy Terry had this to say:

My reply is at the bottom of your sent message:
> Should this be considered a security type issue? I am asking this
> question to gain perspective on how to go about solving the issue.

This is POTENTIALLY heading into the realm of buffer overflow exploits my
good sir. A security problem? Does it run over a network or while a network
is in place? If it does then it also slows the system down to the point
at which the buffer is full then it's open for exploitation. Likely? No.
Possible? Yes. Everything's a security vulnerability if you look at it
'right.' This seems to be potentially dangerous as it might be using system
resources that are better left to the OS as opposed to the application. Do
you have it set to run with an elevated priority like real time or high? If
so simply set it to normal. If not then at least recommend the user
disconnect from the 'net first.

Galen
 
Galen said:
> Roy Terry had this to say:
>
> My reply is at the bottom of your sent message:
>
> This is POTENTIALLY heading into the realm of buffer overflow exploits my
> good sir. A security problem? Does it run over a network or while a network
> is in place? If it does then it also slows the system down to the point
> at which the buffer is full then it's open for exploitation. Likely? No.
> Possible? Yes. Everything's a security vulnerability if you look at it
> 'right.' This seems to be potentially dangerous as it might be using system
> resources that are better left to the OS as opposed to the application. Do
> you have it set to run with an elevated priority like real time or high? If
> so simply set it to normal. If not then at least recommend the user
> disconnect from the 'net first.

The program does not run at elevated priority, though typically
I am logged in as administrator when I run it. Should that
make a difference?

Re network, yes it runs in a small and private network of
cooperating machines but files get created locally.

I'm wondering if people think saving, say, 100 files per second
of average 50K size is too much to ask for XP Pro to
do over a disk usage of say 500 GB. Will the MFT
handle it? (There is a max of 3600 files in any one directory.)

Thanks,
Roy
 