crash on broken lsb_output script
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
open-vm-tools (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned | ||
Eoan |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* The bump to version 11 exposed an issue of a crash with lsb_output being broken.
* The fix avoids the segfault by validating the pointer before usage
[Test Case]
* Take a system that runs under VMWare (otherwise it will fast-path skip and exit before the bug)
* Modify /usr/bin/
* (re)start the vmtoolsd service/program which will crash without the fix
* This can be done via the service or directly calling the daemon
* Please do note that the crash on my test system takes ~30 seconds so give it some time.
$ sudo time /usr/bin/vmtoolsd
Command terminated by signal 11
0.19user 0.05system 0:30.47elapsed 0%CPU (0avgtext+0avgdata 11532maxresident)k
0inputs+16outputs (0major+
[Regression Potential]
* The change makes a check before accessing a (potentially bad) pointer. That makes it every so
slightly slower but it isn't a fast path anyway. The regression risk should therefore be rather
low. I have discussed with upstream if there also should be a strlen check, but that was denied and we are following them on that.
[Other Info]
* We stopped releasing v11 (bug 1844834), I'll generate the uploads in a way to have the bug 1844834 included as from a users POV it will be the first time v11 hits -updates. Only on Eoan where it is already released the changes file to upload will only cover the new bug.
* Removed some whitespace damage from the upstream change
Diff to remove the -i option:
--- /usr/bin/
+++ /usr/bin/
@@ -29,9 +29,6 @@
parser.
- parser.
- default=False,
- help="show distributor ID")
parser.
@@ -53,7 +50,7 @@
short = (options.short)
- none = not (options.all or options.version or options.id or
+ none = not (options.all or options.version or
distinfo = lsb_release.
@@ -67,7 +64,7 @@
else:
- if options.id or options.all:
+ if options.all:
if short:
else:
Related branches
- Rafael David Tinoco (community): Approve
- Canonical Server packageset reviewers: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 92 lines (+70/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch (+62/-0)
debian/patches/series (+1/-0)
- Rafael David Tinoco (community): Approve
- Canonical Server: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 106 lines (+72/-1)4 files modifieddebian/changelog (+7/-0)
debian/control (+2/-1)
debian/patches/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch (+62/-0)
debian/patches/series (+1/-0)
- Rafael David Tinoco (community): Approve
- Canonical Server: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 92 lines (+70/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch (+62/-0)
debian/patches/series (+1/-0)
- Rafael David Tinoco (community): Approve
- Canonical Server: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 92 lines (+70/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch (+62/-0)
debian/patches/series (+1/-0)
Note: the crash reports rose to 6 in 18.04-proposed and 16 in 19.10.