[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug report on cdebconf: dpkg-preconfigure crashes with exit status 139



> Well, this is a public mailing list. :)

I realize now that many emails, about 20% in our case, that listed as package maintainers, are public mailing lists. That's unfortunate, but hopefully most reported bugs will not be security critical.

> I have a fix which I plan to push tonight along with a couple of other patches.

That's great! I'm impressed by how quickly you were able to produce a patch.

> One thing I noticed, however, is that, because some of the programs are
> only expected to be run as root, they return immediately if getuid()
> returns non-zero (e.g. dpkg-reconfigure from cdebconf) and do not
> actually get tested beyond this point. Alexandre, I don't know if this
> issue showed up already in your experiment.

You raised a good point. This is happening quite a bit, especially when analyzing /sbin. We are not able to analyze those programs yet, as we run as a normal user. This is on our todo list though.

Thanks,
The mayhem Team



On Wed, Jun 26, 2013 at 4:00 PM, Regis Boudin <regis@boudin.name> wrote:
Hi everyone,

On 26/06/13 19:41, Alexandre Rebert wrote:
> Hi,
>
> We found a crash in dpkg-preconfigure contained in the cdebconf package. You are being
> contacted because your are listed as one of the maintainer of cdebconf.
>
> We are planning to submit the bug to the Debian bug tracking system in two
> weeks. We wanted to give you a heads-up, so that you some time to assess the
> seriousness of the bug before it is publicly disclosed.
>
> The bug report that will be submitted to the bug tracker is available at the
> following url:
>
>   http://www.forallsecure.com/bug-reports/0b490c9cde588da20fd322f4f05ead920e705eb8/

I just had a look, and the problem was pretty simple to fix. I was
missing a check on $PATH being NULL before calling strdup() on it. I
have a fix which I plan to push tonight along with a couple of other
patches.

One thing I noticed, however, is that, because some of the programs are
only expected to be run as root, they return immediately if getuid()
returns non-zero (e.g. dpkg-reconfigure from cdebconf) and do not
actually get tested beyond this point. Alexandre, I don't know if this
issue showed up already in your experiment.

Regis


Reply to: