crash on broken lsb_output script

Bug #1855686 reported by Christian Ehrhardt  on 2019-12-09
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
open-vm-tools (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Unassigned
Disco
Undecided
Unassigned
Eoan
Undecided
Unassigned
Focal
Undecided
Unassigned

Bug Description

[Impact]

 * The bump to version 11 exposed an issue of a crash with lsb_output being broken.
 * The fix avoids the segfault by validating the pointer before usage

[Test Case]

 * Take a system that runs under VMWare (otherwise it will fast-path skip and exit before the bug)
 * Modify /usr/bin/lsb_release to remove e.g. the "-i" option (that would trigger the bug, see below for a diff)
 * (re)start the vmtoolsd service/program which will crash without the fix
 * This can be done via the service or directly calling the daemon
 * Please do note that the crash on my test system takes ~30 seconds so give it some time.

$ sudo time /usr/bin/vmtoolsd
Command terminated by signal 11
0.19user 0.05system 0:30.47elapsed 0%CPU (0avgtext+0avgdata 11532maxresident)k
0inputs+16outputs (0major+3794minor)pagefaults 0swaps

[Regression Potential]

 * The change makes a check before accessing a (potentially bad) pointer. That makes it every so
   slightly slower but it isn't a fast path anyway. The regression risk should therefore be rather
   low. I have discussed with upstream if there also should be a strlen check, but that was denied and we are following them on that.

[Other Info]

 * We stopped releasing v11 (bug 1844834), I'll generate the uploads in a way to have the bug 1844834 included as from a users POV it will be the first time v11 hits -updates. Only on Eoan where it is already released the changes file to upload will only cover the new bug.
 * Removed some whitespace damage from the upstream change

Diff to remove the -i option:
--- /usr/bin/lsb_release 2017-08-07 21:55:07.000000000 +0000
+++ /usr/bin/lsb_release.new 2019-12-09 10:32:18.335776254 +0000
@@ -29,9 +29,6 @@
     parser.add_option('-v', '--version', dest='version', action='store_true',
                       default=False,
                       help="show LSB modules this system supports")
- parser.add_option('-i', '--id', dest='id', action='store_true',
- default=False,
- help="show distributor ID")
     parser.add_option('-d', '--description', dest='description',
                       default=False, action='store_true',
                       help="show description of this distribution")
@@ -53,7 +50,7 @@
         parser.error("No arguments are permitted")

     short = (options.short)
- none = not (options.all or options.version or options.id or
+ none = not (options.all or options.version or
                 options.description or options.codename or options.release)

     distinfo = lsb_release.get_distro_information()
@@ -67,7 +64,7 @@
         else:
             print('LSB Version:\t' + ':'.join(verinfo))

- if options.id or options.all:
+ if options.all:
         if short:
             print(distinfo.get('ID', 'n/a'))
         else:

Related branches

Note: the crash reports rose to 6 in 18.04-proposed and 16 in 19.10.

Changed in open-vm-tools (Ubuntu Bionic):
status: New → Triaged
Changed in open-vm-tools (Ubuntu Disco):
status: New → Triaged
Changed in open-vm-tools (Ubuntu Eoan):
status: New → Triaged
Changed in open-vm-tools (Ubuntu Focal):
status: New → Triaged
description: updated
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package open-vm-tools - 2:11.0.1-3ubuntu1

---------------
open-vm-tools (2:11.0.1-3ubuntu1) focal; urgency=medium

  * d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch: fix crash with
    uncommon lsb_output behavior (LP: #1855686)

 -- Christian Ehrhardt <email address hidden> Mon, 09 Dec 2019 11:03:56 +0100

Changed in open-vm-tools (Ubuntu Focal):
status: Triaged → Fix Released

FYI - this is in B/C/D-unapproved queues now

Hello Christian, or anyone else affected,

Accepted open-vm-tools into eoan-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.0.1-2ubuntu0.19.10.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-eoan to verification-done-eoan. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-eoan. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in open-vm-tools (Ubuntu Eoan):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-eoan
Changed in open-vm-tools (Ubuntu Disco):
status: Triaged → Fix Committed
tags: added: verification-needed-disco
Robie Basak (racb) wrote :

Hello Christian, or anyone else affected,

Accepted open-vm-tools into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.0.1-2ubuntu0.19.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in open-vm-tools (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed-bionic
Robie Basak (racb) wrote :

Hello Christian, or anyone else affected,

Accepted open-vm-tools into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.0.1-2ubuntu0.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

I was running this on a VMWare guest with lsb_output modified as instructed above.
$ sudo time /usr/bin/vmtoolsd

The old version in proposed exposed the issue that was reported here.
The old version in current -updates did not.

I was verifying the following versions
B: 2:10.3.10-1~ubuntu0.18.04.1 - ok
B: 2:11.0.1-2ubuntu0.18.04.1 <- broken
B: 2:11.0.1-2ubuntu0.18.04.2 - ok
D: 2:11.0.1-2ubuntu0.19.04.2 - ok
E: 2:11.0.1-2ubuntu0.19.10.2 - ok

So that should fix the crash reports we have got.
Marking verified.

tags: added: verification-done verification-done-bionic verification-done-disco verification-done-eoan
removed: verification-needed verification-needed-bionic verification-needed-disco verification-needed-eoan
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package open-vm-tools - 2:11.0.1-2ubuntu0.19.10.2

---------------
open-vm-tools (2:11.0.1-2ubuntu0.19.10.2) eoan; urgency=medium

  * d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch: fix crash with
    uncommon lsb_output behavior (LP: #1855686)

 -- Christian Ehrhardt <email address hidden> Mon, 09 Dec 2019 11:03:56 +0100

Changed in open-vm-tools (Ubuntu Eoan):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for open-vm-tools has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :
Download full text (4.3 KiB)

This bug was fixed in the package open-vm-tools - 2:11.0.1-2ubuntu0.19.04.2

---------------
open-vm-tools (2:11.0.1-2ubuntu0.19.04.2) disco; urgency=medium

  * d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch: fix crash with
    uncommon lsb_output behavior (LP: #1855686)

open-vm-tools (2:11.0.1-2ubuntu0.19.04.1) disco; urgency=medium

  * Update to latest release v11 (LP: #1844834)
    - d/rules: Revert "Enable all compiler errors again" for the older
      compiler

open-vm-tools (2:11.0.1-2) unstable; urgency=medium

  * [76c600f] Fix segfault for fs devices without /
    See https://github.com/vmware/open-vm-tools/issues/378 for details.
    Thanks to Mo Zhou (Closes: #942692)

open-vm-tools (2:11.0.1-1) unstable; urgency=medium

  * [bb36e10] Update upstream source from tag 'upstream/11.0.1'
    Update to upstream version '11.0.1'
    with Debian dir 60c0d512096774b9a2a7cc9e4e94556b2893ae8a

open-vm-tools (2:11.0.0-2) unstable; urgency=medium

  * [4cfe383] Update Vcs-Git/Browser to point to salsa.
  * [bc253ad] Remove .travis.yml, add debian/.gitlab-ci.yml
  * [c92ca3a] Add add_patch.sh script to add patches from upstream.
  * [1d9b491] Add patch to remove deprecated inline functions
  * [3e2e307] Rename lintian-override file properly

open-vm-tools (2:11.0.0-1) unstable; urgency=medium

  [ goldstar611 ]
  * [c138871] Ensure VGAuthService starts after AppArmor
    https://gitlab.com/apparmor/apparmor/issues/13

  [ Bernd Zeimetz ]
  * [28ef841] New upstream version 11.0.0~0
  * [f78ed2d] New upstream version 11.0.0
    Closes: #940853
  * [19efc80] Revert "Revert "Removing libdumbnet-dev.""
    This reverts commit 31177fab964d92687501ab81774440a9b8d09e39.
  * [bc14a8b] snapshot changelog
  * [1c5e9ea] Dropping patches that were picked from upstream

open-vm-tools (2:10.3.10-3) unstable; urgency=medium

  [ Bernd Zeimetz ]
  * [19c646a] gcc9 compatibility.
    Upstream commit c68172ef7f2d4f116078e2aba82986a8cab0b16e (Closes: #925794)

  [ Christian Ehrhardt ]
  * [865763e] Fix other ftbfs with GCC-9
    * d/rules: disable address-of-packed-member gcc-9 warnings for pre 11.0 code
    (LP: #1842301)
    * d/rules: use modern syntax for disabling deprecated-declarations
    * d/p/gcc9-Remove-GLib-2.32-deprecated-APIs-from-tools.patch: stop using outdated GLib features
    Upstream commit a7c141fc
    * d/p/gcc9-drop-obsolete-G_INLINE_FUNC.patch: stop using deprecated GLib Macro
    * d/p/gcc9-GStaticRecMutex.patch: stop using deprecated GStaticRecMutex
    Upstream commit 19ca3e36
    * d/p/gcc9-build-error-in-vmblocktest.c.patch: avoid error due to stringop-truncation
    Upstream commit 553d1283

  [ Bernd Zeimetz ]
  * [0ce2ba2] Policy 4.0.1: The extra priority has been deprecated
  * [c8760c6] Bumping Standards-Version to 4.4.0
  * [a6ed8ce] Don't override dh_builddeb.
    debian-rules-should-not-use-custom-compression-settings
  * [bdfd8b5] Remove add_patch script
  * [be4d889] Update copyright years.
  * [9ac710e] Remove autotools-dev dependency.
  * [4296cf4] Fix permissions of udev rules file
  * [ed11c19] A new lintian override

open-vm-tools (2:10.3.10-2) unstable; urgency=medium

  [ Christian Ehrhardt ]
  * [d79cc9d] d/...

Read more...

Changed in open-vm-tools (Ubuntu Disco):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (6.0 KiB)

This bug was fixed in the package open-vm-tools - 2:11.0.1-2ubuntu0.18.04.2

---------------
open-vm-tools (2:11.0.1-2ubuntu0.18.04.2) bionic; urgency=medium

  * d/p/lp-1855686-Avoid-vmtoolsd-crash-in-HostInfo.patch: fix crash with
    uncommon lsb_output behavior (LP: #1855686)

open-vm-tools (2:11.0.1-2ubuntu0.18.04.1) bionic; urgency=medium

  * Update to latest release v11 (LP: #1844834)
    - d/rules: Revert "Enable all compiler errors again" for the older
      compiler

open-vm-tools (2:11.0.1-2) unstable; urgency=medium

  * [76c600f] Fix segfault for fs devices without /
    See https://github.com/vmware/open-vm-tools/issues/378 for details.
    Thanks to Mo Zhou (Closes: #942692)

open-vm-tools (2:11.0.1-1) unstable; urgency=medium

  * [bb36e10] Update upstream source from tag 'upstream/11.0.1'
    Update to upstream version '11.0.1'
    with Debian dir 60c0d512096774b9a2a7cc9e4e94556b2893ae8a

open-vm-tools (2:11.0.0-2) unstable; urgency=medium

  * [4cfe383] Update Vcs-Git/Browser to point to salsa.
  * [bc253ad] Remove .travis.yml, add debian/.gitlab-ci.yml
  * [c92ca3a] Add add_patch.sh script to add patches from upstream.
  * [1d9b491] Add patch to remove deprecated inline functions
  * [3e2e307] Rename lintian-override file properly

open-vm-tools (2:11.0.0-1) unstable; urgency=medium

  [ goldstar611 ]
  * [c138871] Ensure VGAuthService starts after AppArmor
    https://gitlab.com/apparmor/apparmor/issues/13

  [ Bernd Zeimetz ]
  * [28ef841] New upstream version 11.0.0~0
  * [f78ed2d] New upstream version 11.0.0
    Closes: #940853
  * [19efc80] Revert "Revert "Removing libdumbnet-dev.""
    This reverts commit 31177fab964d92687501ab81774440a9b8d09e39.
  * [bc14a8b] snapshot changelog
  * [1c5e9ea] Dropping patches that were picked from upstream

open-vm-tools (2:10.3.10-3) unstable; urgency=medium

  [ Bernd Zeimetz ]
  * [19c646a] gcc9 compatibility.
    Upstream commit c68172ef7f2d4f116078e2aba82986a8cab0b16e (Closes: #925794)

  [ Christian Ehrhardt ]
  * [865763e] Fix other ftbfs with GCC-9
    * d/rules: disable address-of-packed-member gcc-9 warnings for pre 11.0 code
    (LP: #1842301)
    * d/rules: use modern syntax for disabling deprecated-declarations
    * d/p/gcc9-Remove-GLib-2.32-deprecated-APIs-from-tools.patch: stop using outdated GLib features
    Upstream commit a7c141fc
    * d/p/gcc9-drop-obsolete-G_INLINE_FUNC.patch: stop using deprecated GLib Macro
    * d/p/gcc9-GStaticRecMutex.patch: stop using deprecated GStaticRecMutex
    Upstream commit 19ca3e36
    * d/p/gcc9-build-error-in-vmblocktest.c.patch: avoid error due to stringop-truncation
    Upstream commit 553d1283

  [ Bernd Zeimetz ]
  * [0ce2ba2] Policy 4.0.1: The extra priority has been deprecated
  * [c8760c6] Bumping Standards-Version to 4.4.0
  * [a6ed8ce] Don't override dh_builddeb.
    debian-rules-should-not-use-custom-compression-settings
  * [bdfd8b5] Remove add_patch script
  * [be4d889] Update copyright years.
  * [9ac710e] Remove autotools-dev dependency.
  * [4296cf4] Fix permissions of udev rules file
  * [ed11c19] A new lintian override

open-vm-tools (2:10.3.10-2) unstable; urgency=medium

  [ Christian Ehrhardt ]
  * [d79cc9d] ...

Read more...

Changed in open-vm-tools (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.