[SRU] pure-ftpd-postgresql 1.0.50 segfaults after client connects

Bug #2048764 reported by Disassembler
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| pure-ftpd (Debian) | Fix Released | Unknown | | |
| pure-ftpd (Ubuntu) | Fix Released | Undecided | Unassigned | |
| Jammy | Fix Released | Undecided | Unassigned | |
| Lunar | Won't Fix | Undecided | Unassigned | |
| Mantic | Fix Released | Undecided | Unassigned | |

Bug Description

[ Impact ]

pure-ftpd-postgresql is completely unusable as it will always segfault whenever any user tries to connect to the ftp server.

[ Test Plan ]

* Install pure-ftpd-postgresql and postgresql

* open /etc/pure-ftpd/db/postgresql.conf and modify PGSQLCrypt to use 'cleartext'

* use the command "sudo systemctl restart pure-ftpd-postgresql.service" to restart pure-ftpd which will now use the modified conf file.

* Use the following command to create the postgresql database which pure-ftpd will use.
  - sudo -u postgres createdb pureftpd

* Use the following command to use psql to connect the db
  - sudo -u postgres psql pureftpd

* While connected, use the following commands:

```
ALTER USER postgres WITH PASSWORD 'rootpw';

CREATE TABLE "users" (
  "User" TEXT NOT NULL,
  "Password" TEXT NOT NULL,
  "Uid" INTEGER NOT NULL default '-1',
  "Gid" INTEGER NOT NULL default '-1',
  "Dir" TEXT NOT NULL,
  PRIMARY KEY ("User")
) WITHOUT OIDS;

insert into users values ('sudip', 'test', 1000, 1000, '/home/sudip');
```

  - enter \q to exit psql

* The above commands are for my test environment. Please modify username or cleartext password or uid or gid as appropriate for anyone else testing.

* Use the following command to connect to the ftp server:
  - ftp localhost
  - enter username and password as given in the psql insert command. For my environment, username is 'sudip', and password is 'test'.

* If the package is not fixed it will end with:
  421 Service not available, remote server has closed connection.
  ftp: Login failed

  and dmesg will show there was a segfault from pure-ftpd-postgresql

* With the fixed package, it will connect to the ftp server.

[ Where problems could occur ]

 * This is an upstream patch which only changes the port number it uses to connect to the postgresql server. There is no other change. In the worst case, it will not be able to connect to the postgresql server and the user will not be able to log in to the ftp server.
 * It is already completely unusable for users, and this will not cause any more regression than what the user experiences now.

[ Other Info ]

* All versions from v1.0.50 are affected, so only Focal is unaffected.

[ Original Bug Description ]

This is essentially a duplicate of Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058796

After a client connects to pure-ftpd-postgresql 1.0.50, the server establishes the TLS connection, authenticates the user and segfaults immediately after that, interrupting the connection in the process.

```
$ lsb_release -rd
Description: Ubuntu 22.04.3 LTS
Release: 22.04
```

```
$ apt-cache policy pure-ftpd-postgresql
pure-ftpd-postgresql:
  Installed: 1.0.50-2.1
  Candidate: 1.0.50-2.1
  Version table:
 *** 1.0.50-2.1 500
        500 http://cz.archive.ubuntu.com/ubuntu jammy/universe amd64 Packages
        100 /var/lib/dpkg/status
```

```
Jan 9 10:26:42 info pure-ftpd-postgresql[497741]: Running: /usr/sbin/pure-ftpd-postgresql -l pgsql:/etc/pure-ftpd/db/postgresql.conf -A -D -J ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 -H -Y 1 -O clf:/var/log/pure-ftpd/transfer.log -u 1 -b -E -p 40000:49999 -B
Jan 9 10:26:42 info systemd[1]: Started pure-ftpd-postgresql.service.
Jan 9 10:26:52 info kernel: [347086.735293] pure-ftpd-postg[497765]: segfault at 1538 ip 00007f4f4dbb1ebc sp 00007ffe6df88698 error 4 in libc.so.6[7f4f4da28000+195000] likely on CPU 6 (core 3, socket 0)
Jan 9 10:26:52 info kernel: [347086.735338] Code: 00 00 00 00 00 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 34 01 00 00 <62> f3 7d 20 3f 07 00 c5 fb 93 c0 85 c0 74 55 f3 0f bc c0 c3 f3 0f
Jan 9 10:26:57 info kernel: [347091.872524] pure-ftpd-postg[497779]: segfault at 1538 ip 00007f4f4dbb1ebc sp 00007ffe6df88698 error 4 in libc.so.6[7f4f4da28000+195000] likely on CPU 6 (core 3, socket 0)
Jan 9 10:26:57 info kernel: [347091.872562] Code: 00 00 00 00 00 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 34 01 00 00 <62> f3 7d 20 3f 07 00 c5 fb 93 c0 85 c0 74 55 f3 0f bc c0 c3 f3 0f
Jan 9 10:36:24 info kernel: [347659.224784] pure-ftpd-postg[498601]: segfault at 1538 ip 00007f4f4dbb1ebc sp 00007ffe6df88698 error 4 in libc.so.6[7f4f4da28000+195000] likely on CPU 4 (core 2, socket 0)
Jan 9 10:36:24 info kernel: [347659.224806] Code: 00 00 00 00 00 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 34 01 00 00 <62> f3 7d 20 3f 07 00 c5 fb 93 c0 85 c0 74 55 f3 0f bc c0 c3 f3 0f
Jan 9 10:36:30 info kernel: [347665.416357] pure-ftpd-postg[498611]: segfault at 1538 ip 00007f4f4dbb1ebc sp 00007ffe6df88698 error 4 in libc.so.6[7f4f4da28000+195000] likely on CPU 4 (core 2, socket 0)
Jan 9 10:36:30 info kernel: [347665.416396] Code: 00 00 00 00 00 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 34 01 00 00 <62> f3 7d 20 3f 07 00 c5 fb 93 c0 85 c0 74 55 f3 0f bc c0 c3 f3 0f
```

The bug is already fixed in upstream via https://github.com/jedisct1/pure-ftpd/commit/c3f0f3c91d86939e6fabf5f65c6c6fc964e6032e
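
An added triage helper (not part of the bug report or of pure-ftpd) that decodes the kernel segfault lines quoted above; the sample line is copied from this report's log and `LOW_ADDR_LIMIT` is an assumed threshold. For this crash it reports a user-mode read of unmapped address 0x1538, which is 5432 in decimal, PostgreSQL's default port, consistent with the fix being described as parsing the port number properly.

```python
import re

# x86 Linux kernel message for a user-space segfault, as quoted in the log above.
SEGV_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

# Assumption: addresses below the usual vm.mmap_min_addr default (65536) are
# never mapped, so a fault there is a NULL-ish or integer-as-pointer dereference.
LOW_ADDR_LIMIT = 0x10000

# Sample line copied from the report's kernel log.
SAMPLE = ("Jan 9 10:26:52 info kernel: [347086.735293] pure-ftpd-postg[497765]: "
          "segfault at 1538 ip 00007f4f4dbb1ebc sp 00007ffe6df88698 error 4 "
          "in libc.so.6[7f4f4da28000+195000] likely on CPU 6 (core 3, socket 0)")


def decode_segfault(line):
    """Return a dict describing one kernel segfault line, or None if no match."""
    m = SEGV_RE.search(line)
    if m is None:
        return None
    addr, ip, err = (int(m[k], 16) for k in ("addr", "ip", "err"))
    # Page-fault error code bits: 0 = page present, 1 = write, 2 = user mode,
    # 4 = instruction fetch.
    access = "exec" if err & 0x10 else "write" if err & 0x2 else "read"
    offset = None
    if m["base"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        if base <= ip < base + size:
            offset = ip - base  # where in the mapping the faulting instruction sits
    return {
        "comm": m["comm"], "pid": int(m["pid"]),
        "fault_addr": addr, "access": access,
        "page_present": bool(err & 0x1), "user_mode": bool(err & 0x4),
        "object": m["obj"], "ip_offset_in_mapping": offset,
        "low_address": addr < LOW_ADDR_LIMIT,
    }


if __name__ == "__main__":
    info = decode_segfault(SAMPLE)
    print(f"{info['comm']}[{info['pid']}]: {info['access']} of "
          f"{info['fault_addr']:#x} (decimal {info['fault_addr']}), "
          f"ip at {info['object']}+{info['ip_offset_in_mapping']:#x}")
```

The offset is relative to the start of the mapping the kernel printed, not necessarily to the start of the library file.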

Changed in pure-ftpd (Debian):
status: Unknown → New
Sudip Mukherjee (sudipmuk) wrote :

I can reproduce the issue on Noble, Mantic, Lunar and Jammy. Also tested and confirmed that it works without any issue on Focal.

tags: added: jammy lunar mantic noble
Changed in pure-ftpd (Ubuntu):
status: New → In Progress
Changed in pure-ftpd (Ubuntu Jammy):
status: New → In Progress
Changed in pure-ftpd (Ubuntu Lunar):
status: New → In Progress
Changed in pure-ftpd (Ubuntu Mantic):
status: New → In Progress
Changed in pure-ftpd (Ubuntu):
assignee: nobody → Sudip Mukherjee (sudipmuk)
Changed in pure-ftpd (Ubuntu Jammy):
assignee: nobody → Sudip Mukherjee (sudipmuk)
Changed in pure-ftpd (Ubuntu Lunar):
assignee: nobody → Sudip Mukherjee (sudipmuk)
Changed in pure-ftpd (Ubuntu Mantic):
assignee: nobody → Sudip Mukherjee (sudipmuk)
Sudip Mukherjee (sudipmuk) wrote :

debdiff for Noble attached.

summary: - pure-ftpd-postgresql 1.0.50 segfaults after client connects
+ [SRU] pure-ftpd-postgresql 1.0.50 segfaults after client connects
description: updated
Sudip Mukherjee (sudipmuk) wrote :

debdiff for Mantic attached.

Sudip Mukherjee (sudipmuk) wrote :

debdiff for Lunar attached.

Sudip Mukherjee (sudipmuk) wrote :

debdiff for Jammy attached.

Changed in pure-ftpd (Ubuntu):
status: In Progress → Confirmed
Changed in pure-ftpd (Ubuntu Jammy):
status: In Progress → Confirmed
Changed in pure-ftpd (Ubuntu Lunar):
status: In Progress → Confirmed
Changed in pure-ftpd (Ubuntu Mantic):
status: In Progress → Confirmed
Changed in pure-ftpd (Ubuntu):
assignee: Sudip Mukherjee (sudipmuk) → nobody
Changed in pure-ftpd (Ubuntu Jammy):
assignee: Sudip Mukherjee (sudipmuk) → nobody
Changed in pure-ftpd (Ubuntu Lunar):
assignee: Sudip Mukherjee (sudipmuk) → nobody
Changed in pure-ftpd (Ubuntu Mantic):
assignee: Sudip Mukherjee (sudipmuk) → nobody
Simon Chopin (schopin) wrote :

Uploaded to Noble, Mantic, Lunar and Jammy.

If it were only a patch for noble I'd have asked you to push the patch to Debian, but since we need it fixed in devel before considering doing SRUs and the Debian maintainer appears inactive, introducing a delta is the best bet. It'd still be a good idea to forward this patch to Debian, and maybe find a DD to NMU it?

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pure-ftpd - 1.0.50-2.1ubuntu1

---------------
pure-ftpd (1.0.50-2.1ubuntu1) noble; urgency=medium

  * Apply upstream patch to fix segfault by parsing
    port number properly. (LP: #2048764)

 -- Sudip Mukherjee <email address hidden> Tue, 09 Jan 2024 20:54:43 +0000

Changed in pure-ftpd (Ubuntu):
status: Confirmed → Fix Released
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Disassembler, or anyone else affected,

Accepted pure-ftpd into mantic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pure-ftpd/1.0.50-2.1ubuntu0.23.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-mantic to verification-done-mantic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-mantic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in pure-ftpd (Ubuntu Mantic):
status: Confirmed → Fix Committed
tags: added: verification-needed verification-needed-mantic
Changed in pure-ftpd (Ubuntu Lunar):
status: Confirmed → Fix Committed
tags: added: verification-needed-lunar
Timo Aaltonen (tjaalton) wrote :

Hello Disassembler, or anyone else affected,

Accepted pure-ftpd into lunar-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pure-ftpd/1.0.50-2.1ubuntu0.23.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-lunar to verification-done-lunar. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-lunar. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in pure-ftpd (Ubuntu Jammy):
status: Confirmed → Fix Committed
tags: added: verification-needed-jammy
Timo Aaltonen (tjaalton) wrote :

Hello Disassembler, or anyone else affected,

Accepted pure-ftpd into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pure-ftpd/1.0.50-2.1ubuntu0.22.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in pure-ftpd (Debian):
status: New → Fix Committed
Disassembler (disassembler-k) wrote :

I've installed 1.0.50-2.1ubuntu0.22.04.1 on Ubuntu 22.04 and I confirm the expected functionality - the FTP server no longer segfaults and accepts connections as expected.

tags: added: verification-done-jammy
removed: verification-needed-jammy
Changed in pure-ftpd (Debian):
status: Fix Committed → Fix Released
Łukasz Zemczak (sil2100) wrote :

Before we can release this for jammy we need someone to verify this for mantic as well.

Simon Chopin (schopin) wrote :

Verified in a mantic container:

```
ftp localhost
Connected to localhost.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 13:20. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
Name (localhost:schopin): schopin
331 User schopin OK. Password required
Password:
230 OK. Current directory is /home/schopin
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ^D
221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
221 Logout.
```

tags: added: verification-done-mantic
removed: verification-needed-mantic
Brian Murray (brian-murray) wrote :

This was actually removed from lunar-proposed a week or so ago as Lunar is reaching its End of Life on Thursday. Subsequently, I am setting the Lunar task to Won't Fix.

Changed in pure-ftpd (Ubuntu Lunar):
status: Fix Committed → Won't Fix
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pure-ftpd - 1.0.50-2.1ubuntu0.23.10.1

---------------
pure-ftpd (1.0.50-2.1ubuntu0.23.10.1) mantic; urgency=medium

  * Apply upstream patch to fix segfault by parsing
    port number properly. (LP: #2048764)

 -- Sudip Mukherjee <email address hidden> Tue, 09 Jan 2024 21:25:59 +0000

Changed in pure-ftpd (Ubuntu Mantic):
status: Fix Committed → Fix Released
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for pure-ftpd has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pure-ftpd - 1.0.50-2.1ubuntu0.22.04.1

---------------
pure-ftpd (1.0.50-2.1ubuntu0.22.04.1) jammy; urgency=medium

  * Apply upstream patch to fix segfault by parsing
    port number properly. (LP: #2048764)

 -- Sudip Mukherjee <email address hidden> Tue, 09 Jan 2024 21:41:10 +0000

Changed in pure-ftpd (Ubuntu Jammy):
status: Fix Committed → Fix Released