
Bug#967938: libc6: systemd-sysusers SEGV due to glibc bug in fgetgsent



* Aurelien Jarno:

> On 2020-08-06 06:08, Jinpu Wang wrote:
>> Hi Florian,
>> 
>> On Wed, Aug 5, 2020 at 6:44 PM Florian Weimer <fw@deneb.enyo.de> wrote:
>> >
>> > * Jinpu Wang:
>> >
>> > > Dear Maintainer:
>> > >
>> > > Sorry, add some missing information below:
>> > >
>> > > After the update to Buster, systemd-sysusers segfaults every time.
>> > > After searching around, I found the following bug report in glibc
>> > > https://sourceware.org/legacy-ml/libc-alpha/2016-06/msg01015.html
>> > >
>> > > I backported the fix to 2.28-10, and it fixed the problem.
>> > >
>> > > glibc upstream have a different fix for it in 2.32, see
>> > >  https://sourceware.org/bugzilla/show_bug.cgi?id=20338
>> > >
>> > > I think it's still easier to backport the fix in msg01015.html to 2.28 version,
>> > > patch attached in the initial report.
>> >
>> > The patch from 2016 is incomplete because it does not seek back to the
>> > original file position, so the next call of fgetsgent_r skips over the
>> > entry that could not be fully parsed.
>> Thanks for the quick response, can you provide a minimal bugfix, which
>> can be easily backported to an old version like 2.28?
>
> I think we do not want to diverge from the upstream fix, even if it is a
> bit more work to backport. We first need to fix it in bullseye/sid and
> then we can try to get this in the next buster stable release.

I can backport it to upstream release branches, all the way to version
2.28.  Would that help?

I plan to add local copies of the new functions, so that the
GLIBC_PRIVATE ABI remains unchanged.

But I have other commitments, so that may not happen until
September-ish.

>> as you also make the bug 20338 as a security hole.
>
> It is marked as "security-", so it is *not* considered as a security
> issue (as the content of this file is trusted).

That's right.
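
The seek-back point made above, as an added example that is not part of the original message and is not glibc's code: a simplified line reader (the hypothetical `read_entry`) that returns ERANGE when the caller's buffer is too small, run with and without restoring the file position before the retry. The two gshadow-style entries are constructed sample data.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (assumption, not glibc): read one line-oriented entry.
   Returns 0 on success, ENOENT at end of file, ERANGE if buf is too small. */
static int read_entry(FILE *fp, char *buf, size_t buflen, int restore_pos)
{
    long start = ftell(fp);              /* remember where this entry begins */
    if (start < 0)
        return errno;
    if (fgets(buf, (int)buflen, fp) == NULL)
        return ENOENT;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    if (feof(fp))
        return 0;                        /* final line without a newline */
    if (restore_pos) {
        /* Complete behaviour: rewind so the retry sees the same entry. */
        if (fseek(fp, start, SEEK_SET) != 0)
            return errno;
    } else {
        /* Incomplete behaviour: the partly read entry is consumed and lost. */
        int c;
        while ((c = getc(fp)) != EOF && c != '\n')
            continue;
    }
    return ERANGE;
}

/* Usual caller pattern: retry with a larger buffer on ERANGE.
   Returns how many entries the caller actually received. */
static int entries_seen(int restore_pos)
{
    /* Constructed sample data: one long entry, one short entry. */
    static const char sample[] =
        "bigrp:!::alice,bob,carol,dave,erin,frank\nadm:*::root\n";
    char small[16], large[256];
    int count = 0;
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    fputs(sample, fp);
    rewind(fp);
    for (;;) {
        int rc = read_entry(fp, small, sizeof small, restore_pos);
        if (rc == ERANGE)
            rc = read_entry(fp, large, sizeof large, restore_pos);
        if (rc != 0)
            break;
        count++;
    }
    fclose(fp);
    return count;
}
```

Without the seek-back the retry succeeds, but it returns the entry after the one that failed, so the caller silently never sees the long entry.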

