ps segfault when users have large numbers of group memberships (procps 3.2.8)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
procps (Ubuntu) |
In Progress
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* Users with large numbers of groups will cause ps to segfault. This can happen when directory services such as Active directory or possibly others like ldap are in use.
* The upload expands buffer sizes to be in line with upstream procps.
[Test Case]
* Using a directory service create a user that belongs to a very large number of groups.
* run ps. Which will segfault.
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
[Regression Potential]
* Regressions are highly unlikely as only buffer sizes were changed to be in line with commit 7933435584aa1fd
[Other Info]
* This fix is not in quantal or raring, but should be available in saucy assuming the version of procps in there is greater than 3.3.4
When a user logs in via ssh with a large number of group memberships it causes a seg fault when running ps (procps version 3.2.8).
Description: Ubuntu 12.04.2 LTS
Release: 12.04
procps:
Installed: 1:3.2.8-11ubuntu6
Candidate: 1:3.2.8-11ubuntu6
Version table:
*** 1:3.2.8-11ubuntu6 0
500 http://
100 /var/lib/
Expected results: ps completes and returns to prompt
PID TTY TIME CMD
12707 pts/1 00:00:00 sudo
12708 pts/1 00:00:00 bash
Actual results:
PID TTY TIME CMD
12707 pts/1 00:00:00 sudo
12708 pts/1 00:00:00 bash
Signal 11 (SEGV) caught by ps (procps version 3.2.8).
Here is the end of a strace on a ps:
mmap(NULL, 135168, PROT_READ|
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
mremap(
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
write(2, "\n\nSignal 11 (SEGV) caught by ps "..., 132
Signal 11 (SEGV) caught by ps (procps version 3.2.8).
Please send bug reports to <email address hidden> or <email address hidden>
) = 132
exit_group(139)
Here is the debian bug report on it.
http://
It looks like the 12.10 repos have the newer version of the procps and libprocps0 packages which address the problem.
My question being can these newer version be put into place for 12.04 or am I stuck trying to manually intall a newer version fro the 12.10 repos or something along those lines to fix this issue.
description: | updated |
Changed in procps (Ubuntu): | |
status: | Incomplete → In Progress |
I'm having trouble reproducing this locally. Can you provide step by step instruction on how you can create this issue on a new install? (Please try reproducing with local users/groups only, no network dependencies).
If you cannot, could you provide the output of these commands to help me reproduce it myself:
getent group > groupoutput
getent passwd > passwdoutput
ps-ng aux > psoutput
If you need to replace some of the names for security reasons thats ok. Thanks!