python3-apport regression: missing argument in Report.add_proc_environ call

Bug #1850929 reported by Mikael Magnusson on 2019-11-01
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apport (Ubuntu)
High
Unassigned

Bug Description

This is a regression in the 2.20.9-0ubuntu7.8 security update of apport

# lsb_release -rd
Description: Ubuntu 18.04.3 LTS
Release: 18.04

Reproduce the bug:

$ python3
Python 3.6.8 (default, Oct 7 2019, 12:59:55)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import apport
>>> import os
>>> report = apport.Report()
>>> report.add_proc_info(os.getpid(), extraenv=['PYTHONHOME', 'PYTHONPATH'])
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3/dist-packages/apport/report.py", line 543, in add_proc_info
    self.add_proc_environ(pid, extraenv)
  File "/usr/lib/python3/dist-packages/apport/report.py", line 610, in add_proc_environ
    env = _read_file('environ', dir_fd=proc_pid_fd).replace('\n', '\\n')
  File "/usr/lib/python3/dist-packages/apport/report.py", line 73, in _read_file
    with open(path, 'rb', opener=lambda path, mode: os.open(path, mode, dir_fd=dir_fd)) as fd:
  File "/usr/lib/python3/dist-packages/apport/report.py", line 73, in <lambda>
    with open(path, 'rb', opener=lambda path, mode: os.open(path, mode, dir_fd=dir_fd)) as fd:
TypeError: argument should be integer or None, not list

Patch below:

# diff -u /usr/lib/python3/dist-packages/apport/report.py /usr/lib/python3/dist-packages/apport/report.py.new
--- /usr/lib/python3/dist-packages/apport/report.py 2019-11-01 14:16:39.375968798 +0100
+++ /usr/lib/python3/dist-packages/apport/report.py.new 2019-11-01 14:17:58.035128006 +0100
@@ -540,7 +540,7 @@
             self['ProcCwd'] = os.readlink('cwd', dir_fd=proc_pid_fd)
         except OSError:
             pass
- self.add_proc_environ(pid, extraenv)
+ self.add_proc_environ(pid, proc_pid_fd, extraenv)
         self['ProcStatus'] = _read_file('status', dir_fd=proc_pid_fd)
         self['ProcCmdline'] = _read_file('cmdline', dir_fd=proc_pid_fd).rstrip('\0')
         self['ProcMaps'] = _read_maps(proc_pid_fd)

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: python3-apport 2.20.9-0ubuntu7.8
ProcVersionSignature: Ubuntu 4.15.0-58.64-generic 4.15.18
Uname: Linux 4.15.0-58-generic x86_64
ApportLog:

ApportVersion: 2.20.9-0ubuntu7.8
Architecture: amd64
CrashReports: 640:1000:1004:35152:2019-11-01 14:00:47.150214442 +0100:2019-11-01 14:00:47.150214442 +0100:/var/crash/_usr_bin_snimpy.1000.crash
Date: Fri Nov 1 14:18:16 2019
PackageArchitecture: all
SourcePackage: apport
UpgradeStatus: No upgrade log present (probably fresh install)

Mikael Magnusson (mikma) wrote :
tags: added: regression-update
Changed in apport (Ubuntu):
status: New → Confirmed
importance: Undecided → High
tags: added: id-5dbc822dcc0dac05a81cabce
tags: added: rls-bb-incoming
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.11-0ubuntu8.2

---------------
apport (2.20.11-0ubuntu8.2) eoan-security; urgency=medium

  * SECURITY REGRESSION: missing argument in Report.add_proc_environ
    call (LP: #1850929)
    - apport/report.py: call add_proc_environ using named arguments
      and move proc_pid_dir keyword to last to keep api compatibility.

 -- Tiago Stürmer Daitx <email address hidden> Tue, 05 Nov 2019 02:49:27 +0000

Changed in apport (Ubuntu):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.1-0ubuntu2.21

---------------
apport (2.20.1-0ubuntu2.21) xenial-security; urgency=medium

  * SECURITY REGRESSION: missing argument in Report.add_proc_environ
    call (LP: #1850929)
    - apport/report.py: call add_proc_environ using named arguments
      and move proc_pid_dir keyword to last to keep api compatibility.

 -- Tiago Stürmer Daitx <email address hidden> Tue, 05 Nov 2019 02:49:27 +0000

Changed in apport (Ubuntu):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.9-0ubuntu7.9

---------------
apport (2.20.9-0ubuntu7.9) bionic-security; urgency=medium

  * SECURITY REGRESSION: missing argument in Report.add_proc_environ
    call (LP: #1850929)
    - apport/report.py: call add_proc_environ using named arguments
      and move proc_pid_dir keyword to last to keep api compatibility.

 -- Tiago Stürmer Daitx <email address hidden> Tue, 05 Nov 2019 02:49:27 +0000

Changed in apport (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers