Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

 
SOLVED
Go to solution
Thomas Ritter
Respected Contributor

F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Most of our VMS accounts have over 130 VMS rights identifiers granted. Using the lexical function F$GETJPI("","PROCESS_RIGHTS") results in
"%DCL-W-BUFOVF, command buffer overflow - shorten expression or command line"

Is there an available technique which will allow the usage of F$GETJPI("","PROCESS_RIGHTS") with such a long list of identifiers ?

Sincerely,
Thomas


24 REPLIES 24
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hi Thomas,

What version of VMS are you on ?

V7.3-2 introduced Extended DCL (EDCL), which increased command size limits of the command line interpreter (CLI) as follows:

Structure Old New Size Limits
Interactive DCL 255 4095 bytes
DCL commands in file 1024 8192 bytes
DCL symbols 1024 8192 bytes

Also, the library routines LIB$DO_COMMAND LIB$GET_COMMAND LIB$GET_FOREIGN LIB$GET_SYMBOL LIB$SET_SYMBOL were increase accordingly.

If you're not planning to upgrade or are no this version and have exceeded these new values, then the only alternative I can think of is to rename some of the PROCESS_RIGHTS identidifers to have shorter names (UAF RENAME/ID), in order to keep the user with the most rights within the current limits.

Regards,
John.
Don't do what Donny Dont does
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hopefully this posted comparision will read better...

Structure Old New Size Limits
-------------------------------------------
Interactive DCL 255 4095 bytes
DCL commands in file 1024 8192 bytes
DCL symbols 1024 8192 bytes

Note that logical limits remain unchanged

J.
Don't do what Donny Dont does
Karl Rohwedder
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

To get a stable solution regardless of limits and number of idents granted, you can e.g. use a procedure to read the rights and define DCL symbols. I attached a possible example as a starter.

regards Kalle
Thomas Ritter
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

We run vms 7.3-2. I want to be able to use the lexical function f$getjpi with our long list of rights identifiers. Alternatively I will write a C routine, implemented as a foreign command do what I would prefer f$getjpi do for me.
We cannot change the names or length of the identifiers. That would be an application change. It just a pity that the process_rights argument is limited by the DCL string length. At most we would have to store upto 4,000 characters.
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hi Thomas, the only other option I can think of (assuming the rights aren't holder hidden (if I remember correctly!) is doing something like

$ pipe show process/id=pid/right | search/nooutput/nowarning sys$input " rights_identifier "
$ if $severity .eqs. "3" then ... rights_identifier_not_present...

or some dcl to that effect.

Hope this helps
John.
Don't do what Donny Dont does
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

One thing about my last post is that I put a space in front of and after the rights_identifier I'm $SEARCHing on, to prevent a mismatch.

e.g.
User has NET$TRACEALLREMOTE and I search on NET$TRACEALL, I'll get a match unless I use these spaces, simple but not obvious.

J.
Don't do what Donny Dont does
Thomas Ritter
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

I was really hoping someone would respond with something like "Hi Thomas, there is a new sysgen parameter for customizing DCL symbol lengths. Change this sysgen parameter DCL_MAX_SYMBOL_LENTH from 1024 to 8192 and reboot. The lexical f$getjpi("","PROCESS_RIGHTS") will be able to store the rights identifiers of any of your processes."

:(

John, thanks for your suggestions.
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

:-)

All I can suggest is try emailing Guy Peleg (Mr DCL) at dcl@hp.com your thoughts.

I've always recieved a reply from Guy that's had some thought put into it! You never know, it could be something they're working on!

Best
John.
Don't do what Donny Dont does
Jan van den Ende
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Thomas,

are you SURE that the F$GETJPI the problem is??

On ou system, ( 7.3-2 patches until november 2005)

$ xxx = f$fao("!8000*Y")
generates NO error.
$ show symbol xxx
does, as does
$ write sys$output xxx
but
$ write /symbol sys$output xxx
works fine.
$ yyy = f$extract(7000,1000,xxx)
$ sho sym yyy
is fine
$ xxx = xxx + "ABCDEFG"
is fine
$ f$locate("B",xxx) gives 8001, as expected
but no way to get
$ zzz = xxx - "B"
to work.

Symbols up to just over 8000 simple WORK OK.

But not all manipulations on them do!

If you compose your rights list stream, first just cut it up in 1000 char pieces.
Operate on them
(of course you will have to code around the break.


We had your same problem, way back when strings COULD be 4 K, but most string handling functions were limited to 255 char.
We routinely had rightslist strings over 1 K then.

Nowadays a big portion of our users have RIGHTS_LIST strings of over 1 K, some over 2K
(we were unlucky enough to DISCOVER the 7.3-1 bug that corrupted nonpagedpool if the string grew over 4 K )


hth

Proost.

Have one on me.

jpe

Don't rust yours pelled jacker to fine doll missed aches.
Thomas Ritter
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hi Jan, consider this mockup SYSTEM account.
$ sh process/rights

6-JUL-2006 10:04:32.99 User: SYSTEM Process ID: 0003C518
Node: secret Process name: "system!r2"

Process rights:
SYSTEM resource
INTERACTIVE
REMOTE
DDAL$TR_MON
DFU_ALLPRIV
MQM resource
VMS$MEM_RESIDENT_USER
SYS_PROCESS_TEST_001
SYS_PROCESS_TEST_002
SYS_PROCESS_TEST_003
SYS_PROCESS_TEST_004
SYS_PROCESS_TEST_005
SYS_PROCESS_TEST_006
SYS_PROCESS_TEST_007
SYS_PROCESS_TEST_008
SYS_PROCESS_TEST_009
SYS_PROCESS_TEST_010
SYS_PROCESS_TEST_011
SYS_PROCESS_TEST_012
SYS_PROCESS_TEST_013
SYS_PROCESS_TEST_014
SYS_PROCESS_TEST_015
SYS_PROCESS_TEST_016
SYS_PROCESS_TEST_017
SYS_PROCESS_TEST_018
SYS_PROCESS_TEST_019
SYS_PROCESS_TEST_020
SYS_PROCESS_TEST_021
SYS_PROCESS_TEST_022
SYS_PROCESS_TEST_023
SYS_PROCESS_TEST_024
SYS_PROCESS_TEST_025
SYS_PROCESS_TEST_026
SYS_PROCESS_TEST_027
SYS_PROCESS_TEST_028
SYS_PROCESS_TEST_029
SYS_PROCESS_TEST_030
SYS_PROCESS_TEST_031
SYS_PROCESS_TEST_032
SYS_PROCESS_TEST_033
SYS_PROCESS_TEST_034
SYS_PROCESS_TEST_035
SYS_PROCESS_TEST_036
SYS_PROCESS_TEST_037
SYS_PROCESS_TEST_038
SYS_PROCESS_TEST_039
SYS_PROCESS_TEST_040
SYS_PROCESS_TEST_041
SYS_PROCESS_TEST_042
SYS_PROCESS_TEST_043
SYS_PROCESS_TEST_044
SYS_PROCESS_TEST_045
SYS_PROCESS_TEST_046
SYS_PROCESS_TEST_047
SYS_PROCESS_TEST_048
SYS_PROCESS_TEST_049
SYS_PROCESS_TEST_050
SYS_PROCESS_TEST_051
SYS_PROCESS_TEST_052
SYS_PROCESS_TEST_053
SYS_PROCESS_TEST_054
SYS_PROCESS_TEST_055
SYS_PROCESS_TEST_056
SYS_PROCESS_TEST_057
SYS_PROCESS_TEST_058
SYS_PROCESS_TEST_059
SYS_PROCESS_TEST_060
SYS_PROCESS_TEST_061
SYS_PROCESS_TEST_062
SYS_PROCESS_TEST_063
SYS_PROCESS_TEST_064
SYS_PROCESS_TEST_065
SYS_PROCESS_TEST_066
SYS_PROCESS_TEST_067
SYS_PROCESS_TEST_068
SYS_PROCESS_TEST_069
SYS_PROCESS_TEST_070
SYS_PROCESS_TEST_071
SYS_PROCESS_TEST_072
SYS_PROCESS_TEST_073
SYS_PROCESS_TEST_074
SYS_PROCESS_TEST_075
SYS_PROCESS_TEST_076
SYS_PROCESS_TEST_077
SYS_PROCESS_TEST_078
SYS_PROCESS_TEST_079
SYS_PROCESS_TEST_080
SYS_PROCESS_TEST_081
SYS_PROCESS_TEST_082
SYS_PROCESS_TEST_083
SYS_PROCESS_TEST_084
SYS_PROCESS_TEST_085
SYS_PROCESS_TEST_086
SYS_PROCESS_TEST_087
SYS_PROCESS_TEST_088
SYS_PROCESS_TEST_089
SYS_PROCESS_TEST_090
SYS_PROCESS_TEST_091
SYS_PROCESS_TEST_092
SYS_PROCESS_TEST_093
SYS_PROCESS_TEST_094
SYS_PROCESS_TEST_095
SYS_PROCESS_TEST_096
SYS_PROCESS_TEST_097
SYS_PROCESS_TEST_098
SYS_PROCESS_TEST_099
SYS_PROCESS_TEST_100
SYS_PROCESS_TEST_101
SYS_PROCESS_TEST_102
SYS_PROCESS_TEST_103
SYS_PROCESS_TEST_104
SYS_PROCESS_TEST_105
SYS_PROCESS_TEST_106
SYS_PROCESS_TEST_107
SYS_PROCESS_TEST_108
SYS_PROCESS_TEST_109
SYS_PROCESS_TEST_110
SYS_PROCESS_TEST_111
SYS_PROCESS_TEST_112
SYS_PROCESS_TEST_113
SYS_PROCESS_TEST_114
SYS_PROCESS_TEST_115
SYS_PROCESS_TEST_116
SYS_PROCESS_TEST_117
SYS_PROCESS_TEST_118
SYS_PROCESS_TEST_119
SYS_PROCESS_TEST_120
SYS_PROCESS_TEST_121
SYS_PROCESS_TEST_122
SYS_PROCESS_TEST_123
SYS_PROCESS_TEST_124
SYS_PROCESS_TEST_125
SYS_PROCESS_TEST_126
SYS_PROCESS_TEST_127
SYS_PROCESS_TEST_128
SYS_PROCESS_TEST_129
SYS_PROCESS_TEST_130
SYS_PROCESS_TEST_131
SYS_PROCESS_TEST_132
SYS_PROCESS_TEST_133
SYS_PROCESS_TEST_134
SYS_PROCESS_TEST_135
SYS_PROCESS_TEST_136
SYS_PROCESS_TEST_137
SYS_PROCESS_TEST_138
SYS_PROCESS_TEST_139
SYS_PROCESS_TEST_140
SYS_PROCESS_TEST_141
SYS_PROCESS_TEST_142
SYS_PROCESS_TEST_143
SYS_PROCESS_TEST_144
SYS_PROCESS_TEST_145
SYS_PROCESS_TEST_146
SYS_PROCESS_TEST_147
SYS_PROCESS_TEST_148
SYS_PROCESS_TEST_149
SYS_PROCESS_TEST_150
SYS_PROCESS_TEST_151

System rights:
SYS$NODE_SECRET

Soft CPU Affinity: off
$ write sys$output f$getjpi("","process_rights")
%DCL-W-BUFOVF, command buffer overflow - shorten expression or command line
$ x = f$getjpi("","process_rights")
%DCL-W-BUFOVF, command buffer overflow - shorten expression or command line

I remove the identifiers

wizdv!r2> SH PROCESS/RIGHT

6-JUL-2006 10:09:14.94 User: SYSTEM Process ID: 00041B1D
Node: SECRET
Process name: "system!r2"

Process rights:
SYSTEM resource
INTERACTIVE
REMOTE
DDAL$TR_MON
DFU_ALLPRIV
MQM resource
VMS$MEM_RESIDENT_USER

System rights:
SYS$NODE_SECRET

Soft CPU Affinity: off
$ WRITE SYS$OUTPUT F$GETJPI("","PROCESS_RIGHTS")
SYSTEM,INTERACTIVE,REMOTE,DDAL$TR_MON,DFU_ALLPRIV,MQM,VMS$MEM_RESIDENT_USER



The size of the processes' rights identifier is the problem. I used a command procedure to grant and revoke the identifiers.
:)
Guy Peleg
Respected Contributor
Solution

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hi Thomas,

This is a bug !!

well...maybe not a bug but a design
limitation.....no...it's a bug ;-)

When I designed EDCL I restricted the
lexical functions to use the old buffer
size. If you use one of the cluster aware
lexical functions (like F$GETJPI) and you
are operating on a non-EDCL node, DCL
sends large buffer over the network which
eventually will result in the non edcl
system choking and the operation will fail.

Lately I removed part of the restriction
and local lexical functions (like F$TYPE)
now use large buffers. This change is
shipping with the latest DCL ECO for V7.3-2.

John Brodribb brought this problem
to my attention and I'm working on a fix
for the cluster aware lexicals. Should
be ready within few days.

Guy
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

There you go Thomas! I knew Guy would have the answer !! :-) 10 point to him !!

J.
Don't do what Donny Dont does
Jan van den Ende
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Thomas,

the only fifference I was able to spot between your command and ours is that we use RIGHTSLIST instead of PROCESS_RIGHTS.
If that is significant I can not test right now :-(

fwiw

Proost.

Have one on me.

jpe
Don't rust yours pelled jacker to fine doll missed aches.
Thomas Ritter
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Great new :) This would make for some new elegant DCL procedures.

Jan, RIGHTSLIST and PROCESS_RIGHTS exhibit the same behaviour. Add more identifiers to you tested VMS account.

Guy, how big will the buffer be ?

John, thanks for you comments.

Thanks to the HP Support team in Sydney.

Sincerely,
Thomas
Guy Peleg
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Hi Thomas,

The new buffer length is 4K (4096 bytes).

Talk to your support team in Sydney, they
have a new DCL image waiting for you ;-)

Guy
Robert Gezelter
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Guy,

I do not like to add to the work list, but the point that was made earlier is valid. Even with the EDCL symbol length, there will be situations where the results of F$GETJPI on RIGHTLIST will exceed the extended buffer.

The elegrant solution would be to be able to use a context parameter (e.g., F$SEARCH) to iterate through the RIGHTLIST (or similar lists) one at a time. Alternatively, a function (or subfunction) that took an identifier and its attribute and returned TRUE or FALSE (e.g. F$PRIVILEGE for RIGHTSLIST).

As environments get more complex, with increasing security requirements, we are likely to see this appear with increasing frequency.

- Bob Gezelter, http://www.rlgsc.com
Jan van den Ende
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Count this as one vote of support for Bob's proposal!

Proost.

Have one on me.

jpe
Don't rust yours pelled jacker to fine doll missed aches.
Karl Rohwedder
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Here's another vote for it...

regards Kalle
John Abbott_2
Esteemed Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

We're increasingly using process rights, I suspect we'll hit this problem in a couple of years.

John.
Don't do what Donny Dont does
Ian Miller.
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

I have submitted this as a issue at
http://www.hpuseradvocacy.org/

When it eventally appears then parhaps you could vote for it. Five votes will get it offically submitted to hp.

____________________
Purely Personal Opinion
Robert Gezelter
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Ian,

What subcategory did you enter it in?

- Bob Gezelter, http://www.rlgsc.com
Ian Miller.
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

www.hpuseradvocacy.org
Category OpenVMS/Management Tools and Administration/Security

but it won't appear until the moderators approve it.
____________________
Purely Personal Opinion
Thomas Ritter
Respected Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

The new dcl.exe has been installed. It works.

I'm impressed. If you need edcl on vms 7.3-2 for f$getjpi( ,"process_rights") to work with big process rights identifier lists, then contact your support center.

Thanks for all for the interest and support.

Thomas.
Jon Pinkley
Honored Contributor

Re: F$GETJPI("","PROCESS_RIGHTS") %DCL-W-BUFOVF, command buffer overflow

Thomas,

Did you ever upgrade to 8.3? I am seeing this behaviour on an Alpha 8.3 system patched current as of about 1 year ago (20-Nov-2009). Nothing in the recent patch release notes indicated this has been fixed since then.

I am guessing I will need to log a call, but it seems very odd that this fix wasn't included in patches to 8.3, (or possibly it was patches that broke it).

The system in question has VMS83A_UPDATE-V1000, released 9-JUN-2009, plus all other patches as of Nov 20, 2009. Update V1000 included the latest DCL patch, VMS83A_DCL-V0300, released 27-JUN-2008.

So it appears that Guy Peleg's patch never made it into the main stream.

So the question is, is anyone aware of a patch for 8.3, and if so a reference number to held support find it.

Thomas, did you record the call sequence number associated with the patch you got? If not, what does analyze image report?

Here's what the affected system's DCL.EXE from Alpha 8.3 + Update v1000 + patches has:

$ anal/imag/sel=(build,ident,link) sys$system:dcl.exe
SYS$COMMON:[SYSEXE]DCL.EXE;1
"XBCA-0080070008"
"X-52"
28-MAY-2008 15:44:20.62
$

The maximum length it will return is 1022 bytes.

$ pr=f$getjpi("","PROCESS_RIGHTS")
$ write sys$output f$len(pr)
1022
$ uaf rename/id jons_cms1 jons_cms12 ! add one character to the name of a held identifier
%UAF-I-RDBMDFYMSG, identifier JONS_CMS1 modified
$ pr=f$getjpi("","PROCESS_RIGHTS")
%DCL-W-BUFOVF, command buffer overflow - shorten expression or command line
$ uaf rename/id jons_cms12 jons_cms ! back to original name (before it was renamed to jons_cms1)
%UAF-I-RDBMDFYMSG, identifier JONS_CMS12 modified
$ pr=f$getjpi("","PROCESS_RIGHTS")
$ write sys$output f$len(pr)
1021
$

Jon
it depends