id crashed with SIGSEGV in sock_eq()
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GLibC |
Unknown
|
Unknown
|
|||
glibc (Debian) |
Fix Released
|
Unknown
|
|||
glibc (Fedora) |
Fix Released
|
Undecided
|
|||
glibc (Ubuntu) |
Fix Released
|
High
|
Adam Conrad | ||
Xenial |
Fix Released
|
High
|
Adam Conrad |
Bug Description
[Impact]
The nss_hesiod nsswitch module, which worked in previous releases, does not work at all in Ubuntu 16.04. Enabling it causes NULL pointer dereferences in calls such as getpwuid(). This will prevent any user logins from succeeding in our environment of hundreds of workstations, which in turn blocks us from upgrading from 14.04 to 16.04.
[Test Case]
# sed -i 's/passwd: *compat/& hesiod/' /etc/nsswitch.conf
# cat > /etc/hesiod.conf <<EOF
lhs=.ns
rhs=.athena.mit.edu
EOF
# id andersk
Segmentation fault (core dumped)
Expected output: uid=39270(andersk) gid=101(…) groups=101(…).
[Regression Potential]
I wrote a 6-line patch that conditionalizes an errant res_nclose call. There is also a bigger upstream patch on the glibc 2.22 and 2.23 stable branches that entirely removes the unused abstraction that necessitated the res_nclose calls at all. Neither patch makes any changes outside of the glibc hesiod directory, which as of now is so thoroughly broken that there is nothing left to regress.
[Other Info]
ProblemType: Crash
DistroRelease: Ubuntu 16.04
Package: coreutils 8.25-2ubuntu2
ProcVersionSign
Uname: Linux 4.4.0-18-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.1-0ubuntu2
Architecture: amd64
CurrentDesktop: GNOME
Date: Sun Apr 17 22:39:06 2016
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/id
ExecutableTimes
InstallationDate: Installed on 2016-02-19 (58 days ago)
InstallationMedia: Ubuntu-GNOME 16.04 LTS "Xenial Xerus" - Alpha amd64 (20160218)
ProcCmdline: id andersk
ProcCwd: /home/anders
SegvAnalysis:
Segfault happened at: 0x7fef32217a88 <__libc_
PC (0x7fef32217a88) ok
source "%dx" ok
destination "(%rax)" (0x00000000) not located in a known VMA region (needed writable region)!
SegvReason: writing NULL VMA
Signal: 11
SourcePackage: coreutils
StacktraceTop:
sock_eq (a2=0x0, a1=0x7fef33b9daf4 <_res+20>) at res_send.c:1584
__libc_res_nsend (statp=
__GI___res_nsend (statp=<optimized out>, buf=buf@
get_txt_records (class=1, name=name@
hesiod_resolve (context=
Title: id crashed with SIGSEGV in sock_eq()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm bumblebee cdrom dip libvirtd lpadmin plugdev sambashare sbuild sudo wireshark
Changed in glibc (Debian): | |
status: | Unknown → Confirmed |
Changed in glibc (Debian): | |
status: | Confirmed → Fix Released |
Changed in glibc (Ubuntu): | |
status: | Confirmed → Triaged |
description: | updated |
Changed in glibc (Ubuntu): | |
status: | Triaged → Fix Released |
Changed in glibc (Ubuntu Xenial): | |
status: | New → Confirmed |
Changed in glibc (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in glibc (Ubuntu Xenial): | |
status: | Confirmed → Triaged |
tags: | added: patch-accepted-debian patch-accepted-upstream |
description: | updated |
Changed in glibc (Debian): | |
status: | Fix Released → Confirmed |
Changed in glibc (Ubuntu): | |
importance: | Medium → High |
Changed in glibc (Ubuntu Xenial): | |
importance: | Medium → High |
Changed in glibc (Ubuntu Xenial): | |
assignee: | nobody → Adam Conrad (adconrad) |
Changed in glibc (Debian): | |
status: | Confirmed → Fix Released |
Changed in glibc (Fedora): | |
importance: | Unknown → Undecided |
status: | Unknown → Fix Released |
Created attachment 1061638
gdb "where full" results, plus a couple of variables
Description of problem:
With a working hesiod configuration, and hesiod enabled for group resolution, multiple applications are crashing while initializing a supplemental groups list.
Version-Release number of selected component (if applicable): 21.90-21. fc23.x86_ 64 8.24-2. fc23.x86_ 64 used to reproduce the bug
glibc-2.
coreutils-
How reproducible:
Always
Steps to Reproduce: redhat. com
1. cat > /etc/hesiod.conf << EOF
lhs=.hs
rhs=.devel.
EOF
2. Add "hesiod" as a source for "group" information in /etc/nsswitch.conf. Mine reads "files hesiod".
3. Run "groups nalin" or similar.
Actual results:
"groups" segfaults. I'll attach the gdb backtrace.
Expected results:
The expected groups list.
Additional info: