Bug#462175: libc6: initgroups() segfaults
reassign 462175 libc6
retitle 462175 dpkg: calls initgroup() with user = NULL
thanks
Paul Martin wrote:
> Package: libc6
> Version: 2.7-6
> Severity: important
>
> Investigating a problem with asterisk not starting, I found that
> start-stop-daemon was segfaulting when fed a group.
>
> /etc/nsswitch.conf has not been modified.
>
> /etc/group starts with the standard
>
> root:x:0:
> daemon:x:1:
> bin:x:2:
> sys:x:3:
> adm:x:4:
> tty:x:5:
> disk:x:6:
> lp:x:7:
> mail:x:8:
> news:x:9:
> uucp:x:10:
> man:x:12:
> proxy:x:13:
> kmem:x:15:
> ....
>
>
> root@thinkpad:/tmp# LD_LIBRARY_PATH=/usr/lib/debug/ gdb --args /tmp/start-stop-daemon --start --group bin --exec /bin/sleep -- 10
> GNU gdb 6.7.1-debian
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i486-linux-gnu"...
> Using host libthread_db library "/usr/lib/debug/libthread_db.so.1".
> (gdb) run
> Starting program: /tmp/start-stop-daemon --start --group bin --exec /bin/sleep -- 10
>
> Program received signal SIGSEGV, Segmentation fault.
> *__GI_strcmp (p1=0xbfa09f17 "lp", p2=0x0) at strcmp.c:39
> 39 strcmp.c: No such file or directory.
> in strcmp.c
> (gdb) bt full
> #0 *__GI_strcmp (p1=0xbfa09f17 "lp", p2=0x0) at strcmp.c:39
> s1 = (const unsigned char *) 0xbfa09f18 "p"
> s2 = (const unsigned char *) 0x0
> c1 = 108 'l'
> c2 = 36 '$'
> #1 0xb7de5b6d in _nss_compat_initgroups_dyn (user=0x0, group=2, start=0xbfa0a3c0, size=0xbfa0a3e8, groupsp=0xbfa0a3e4, limit=65536, errnop=0xb7de989c)
> at nss_compat/compat-initgroups.c:216
> buflen = 1024
> tmpbuf = 0xbfa09f10 "lp"
> status = <value optimized out>
> intern = {files = 1, stream = 0x804f9a8, blacklist = {data = 0x0, current = 0, size = 0}}
> #2 0xb7e7cad6 in internal_getgrouplist (user=0x0, group=2, size=0xbfa0a3e8, groupsp=0xbfa0a3e4, limit=65536) at initgroups.c:105
> prev_start = 1
> cnt = <value optimized out>
> nip = (service_user *) 0x804e668
> fct = (initgroups_dyn_function) 0xb7de5940 <_nss_compat_initgroups_dyn>
> status = -1209697043
> no_more = <value optimized out>
> start = 1
> __PRETTY_FUNCTION__ = "internal_getgrouplist"
> #3 0xb7e7ccbd in initgroups (user=0x0, group=2) at initgroups.c:206
                               ^^^^^^^^
This pointer is NULL.
Quoting the manpage:
The user argument must be non-NULL.
The bug is therefore not in glibc, but in dpkg. Reassigning the bug
to dpkg.
--
.''`. Aurelien Jarno | GPG: 1024D/F1BCDB73
: :' : Debian developer | Electrical Engineer
`. `' aurel32@debian.org | aurelien@aurel32.net
`- people.debian.org/~aurel32 | www.aurel32.net
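
The crash in frame #3 above comes from a caller handing `user = NULL` to `initgroups()`. The following is an added example, not part of the original message and not dpkg's code: a caller-side guard around the group setup, where the helper name `set_groups_checked` and the fallback of keeping only the requested group are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Hypothetical helper, not dpkg's code: set the supplementary groups before
 * a privilege drop without ever passing user == NULL to initgroups().
 * Returns 0 on success, -1 with errno set on failure.
 */
int set_groups_checked(const char *user, gid_t gid)
{
    if (user == NULL || *user == '\0') {
        /* Group given without a user: there is no account whose memberships
         * could be looked up, so keep only the requested group (assumed
         * policy for this example). */
        return setgroups(1, &gid);
    }
    if (getpwnam(user) == NULL) {
        /* Unknown account: fail before touching the group list. */
        errno = ENOENT;
        return -1;
    }
    return initgroups(user, gid);
}

int main(void)
{
    /* Constructed inputs: the NULL case mirrors frame #3 of the backtrace. */
    const char *users[] = { NULL, "no-such-user-constructed" };
    for (size_t i = 0; i < 2; i++) {
        int rc = set_groups_checked(users[i], getgid());
        printf("user=%s rc=%d (%s)\n", users[i] ? users[i] : "(null)",
               rc, rc == 0 ? "ok" : strerror(errno));
    }
    return 0;
}
```

Run without privileges, the NULL case fails cleanly with EPERM from `setgroups()` instead of dereferencing a NULL pointer inside the NSS module.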