
Bug#462175: libc6: initgroups() segfaults



reassign 462175 libc6
retitle 462175 dpkg: calls initgroup() with user = NULL
thanks

Paul Martin wrote:
> Package: libc6
> Version: 2.7-6
> Severity: important
> 
> Investigating a problem with asterisk not starting, I found that 
> start-stop-daemon was segfaulting when fed a group.
> 
> /etc/nsswitch.conf has not been modified.
> 
> /etc/group starts with the standard
> 
> root:x:0:
> daemon:x:1:
> bin:x:2:
> sys:x:3:
> adm:x:4:
> tty:x:5:
> disk:x:6:
> lp:x:7:
> mail:x:8:
> news:x:9:
> uucp:x:10:
> man:x:12:
> proxy:x:13:
> kmem:x:15:
> ....
> 
> 
> root@thinkpad:/tmp# LD_LIBRARY_PATH=/usr/lib/debug/ gdb --args /tmp/start-stop-daemon --start --group bin --exec /bin/sleep -- 10
> GNU gdb 6.7.1-debian
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i486-linux-gnu"...
> Using host libthread_db library "/usr/lib/debug/libthread_db.so.1".
> (gdb) run
> Starting program: /tmp/start-stop-daemon --start --group bin --exec /bin/sleep -- 10
> 
> Program received signal SIGSEGV, Segmentation fault.
> *__GI_strcmp (p1=0xbfa09f17 "lp", p2=0x0) at strcmp.c:39
> 39      strcmp.c: No such file or directory.
>         in strcmp.c
> (gdb) bt full
> #0  *__GI_strcmp (p1=0xbfa09f17 "lp", p2=0x0) at strcmp.c:39
>         s1 = (const unsigned char *) 0xbfa09f18 "p"
>         s2 = (const unsigned char *) 0x0
>         c1 = 108 'l'
>         c2 = 36 '$'
> #1  0xb7de5b6d in _nss_compat_initgroups_dyn (user=0x0, group=2, start=0xbfa0a3c0, size=0xbfa0a3e8, groupsp=0xbfa0a3e4, limit=65536, errnop=0xb7de989c)
>     at nss_compat/compat-initgroups.c:216
>         buflen = 1024
>         tmpbuf = 0xbfa09f10 "lp"
>         status = <value optimized out>
>         intern = {files = 1, stream = 0x804f9a8, blacklist = {data = 0x0, current = 0, size = 0}}
> #2  0xb7e7cad6 in internal_getgrouplist (user=0x0, group=2, size=0xbfa0a3e8, groupsp=0xbfa0a3e4, limit=65536) at initgroups.c:105
>         prev_start = 1
>         cnt = <value optimized out>
>         nip = (service_user *) 0x804e668
>         fct = (initgroups_dyn_function) 0xb7de5940 <_nss_compat_initgroups_dyn>
>         status = -1209697043
>         no_more = <value optimized out>
>         start = 1
>         __PRETTY_FUNCTION__ = "internal_getgrouplist"
> #3  0xb7e7ccbd in initgroups (user=0x0, group=2) at initgroups.c:206
                                ^^^^^^^^
                                This pointer is NULL.


Quoting the manpage:
       The user argument must be non-NULL.

The bug is therefore not in glibc, but in dpkg. Reassigning the bug
to dpkg.

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net
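
A caller-side guard for the condition in the backtrace above (a group supplied without a user), as an added example that is not part of the original message and is not dpkg's code. The helper names resolve_groups() and apply_groups() and the 64-entry buffer are assumptions; the point is that NULL never reaches initgroups() or getgrouplist().

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: build the supplementary group list for a launcher
 * that may be given a group without a user.
 * Returns the number of groups written to out, or -1 with errno set. */
int resolve_groups(const char *user, gid_t gid, gid_t *out, int cap)
{
    if (out == NULL || cap < 1) {
        errno = EINVAL;
        return -1;
    }
    /* No user name (an empty name is treated the same way, by assumption):
     * the only group that can be justified is the one requested. */
    if (user == NULL || user[0] == '\0') {
        out[0] = gid;
        return 1;
    }
    int n = cap;
    if (getgrouplist(user, gid, out, &n) == -1) {
        errno = ERANGE;          /* list did not fit in cap entries */
        return -1;
    }
    return n;
}

/* Apply the list, then the primary gid. Needs CAP_SETGID (root). */
int apply_groups(const char *user, gid_t gid)
{
    gid_t groups[64];
    int n = resolve_groups(user, gid, groups, 64);
    if (n < 0 || setgroups((size_t)n, groups) == -1)
        return -1;
    return setgid(gid);
}

int main(void)
{
    gid_t groups[64];
    /* Constructed input mirroring the report: group 2 ("bin"), no user. */
    int n = resolve_groups(NULL, 2, groups, 64);
    printf("user=NULL gid=2 -> %d group(s), first=%u\n", n, (unsigned)groups[0]);
    return n == 1 ? 0 : 1;
}
```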


