segmentation fault when opening fd
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | python-apt (Debian) |
Fix Released
|
Unknown
|
||
| | python-apt (Ubuntu) |
High
|
Unassigned | ||
| | Xenial |
High
|
Unassigned | ||
| | Bionic |
High
|
Unassigned | ||
| | Focal |
High
|
Unassigned | ||
| | Groovy |
High
|
Unassigned | ||
Bug Description
[Impact]
USN-4668-1 introduced a regression in python-apt when using certain APIs with a file handle.
[Test case]
# Landscape scenario:
1) On the Landscape server, create a package profile that installs a single package, 'hello' is enough.
2) On the Landscape server, apply the package profile to a client
3) On the Landscape client, verify that there is no segfault message on '/var/log/kern.log'
4) On the Landscape server, verify that the activity to apply the package profile ends with success.
Step 3) would show a segfault and step 4), the activity would stay 'In Progress' forever.
# dak scenario:
dak crashes with a segmentation fault in python3-apt when processing
uploads or processing the NEW queue on ftp-master; and also on my
playground server (used to generate the backtrace).
[Where problems could occurs]
[Other info]
See Debian bug:
https:/
Fix:
https:/
| Eric Desrochers (slashd) wrote : | #1 |
| tags: | added: seg sts |
| Changed in python-apt (Ubuntu Groovy): | |
| importance: | Undecided → High |
| Changed in python-apt (Ubuntu Focal): | |
| importance: | Undecided → High |
| Changed in python-apt (Ubuntu Xenial): | |
| importance: | Undecided → High |
| Changed in python-apt (Ubuntu): | |
| importance: | Undecided → High |
| Changed in python-apt (Ubuntu Bionic): | |
| importance: | Undecided → Critical |
| importance: | Critical → High |
| David Negreira (dnegreira) wrote : | #2 |
Hello,
I have tested with the test package 1.6.5ubuntu0.
Steps to test:
1) On the LDS server, create a package profile that installs a single package, 'hello' is enough.
2) On the LDS server, apply the package profile to a client
3) On the LDS client, verify that there is no segfault message on '/var/log/kern.log'
4) On the LDS server, verify that the activity to apply the package profile ends with success.
Before ~slashd fix, step 3) would show a segfault and step 4), the activity would stay 'In Progress' forever.
| description: | updated |
| Julian Andres Klode (juliank) wrote : | #3 |
Yes the security team has the packages ready to go out for a week now essentially.
| Eric Desrochers (slashd) wrote : | #4 |
This package is 'native' and I don't want for instance to introduce 'quilt' before talking to the maintainer.
@julian, how do you want to proceed to fix this bug in python-apt ?
- Eric
| description: | updated |
| Julian Andres Klode (juliank) wrote : | #5 |
They prepared the updates on the same day as the fix (well the full regression fix with the follow-up commits) but did not roll out the fix so far because only dak reported a regression and codesearch did not yield any other users of that interface.
| Julian Andres Klode (juliank) wrote : | #6 |
Eric, the updates are built ready in the security team PPA since Dec 10 and only need to be released. I've subscribed security team, but you might want to talk to them directly.
| Eric Desrochers (slashd) wrote : | #7 |
@julian, thanks for the quick reply. Will do.
| Changed in python-apt (Ubuntu): | |
| status: | New → Fix Released |
| description: | updated |
| Eric Desrochers (slashd) wrote : | #8 |
This is fixed in active development release (hirsute):
python-apt (2.1.7) unstable; urgency=medium
* SECURITY UPDATE: various memory and file descriptor leaks (LP: #1899193)
- python/arfile.cc, python/generic.h, python/tag.cc, python/tarfile.cc:
fix file descriptor and memory leaks
- python/
Avoid reference cycle with control,data members in apt_inst.DebFile
objects
- tests/test_
testable)
* Regression fixes for the updates merged too:
- arfile.cc: Fix segmentation fault when opening fd, track lifetime correctly
(Closes: #977000)
- arfile: Regression: Collect file<->deb/ar reference cycles
| Marc Deslauriers (mdeslaur) wrote : | #9 |
There are updates for this issue built in the security team PPA here:
https:/
| David Negreira (dnegreira) wrote : | #10 |
I have run tests on Xenial, Bionic and Focal, exactly the same as on comment #2, this time with the packages from the ubuntu-
| Launchpad Janitor (janitor) wrote : | #11 |
This bug was fixed in the package python-apt - 2.1.3ubuntu1.3
---------------
python-apt (2.1.3ubuntu1.3) groovy-security; urgency=medium
* REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or
apt_
- python/arfile.cc: Fix segmentation fault when opening fd, track
lifetime correctly
-- Marc Deslauriers <email address hidden> Thu, 10 Dec 2020 09:43:25 -0500
| Changed in python-apt (Ubuntu Groovy): | |
| status: | New → Fix Released |
| Launchpad Janitor (janitor) wrote : | #12 |
This bug was fixed in the package python-apt - 1.1.0~beta1ubun
---------------
python-apt (1.1.0~
* REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or
apt_
- python/arfile.cc: Fix segmentation fault when opening fd, track
lifetime correctly
-- Marc Deslauriers <email address hidden> Thu, 10 Dec 2020 09:48:37 -0500
| Changed in python-apt (Ubuntu Xenial): | |
| status: | New → Fix Released |
| Launchpad Janitor (janitor) wrote : | #13 |
This bug was fixed in the package python-apt - 1.6.5ubuntu0.5
---------------
python-apt (1.6.5ubuntu0.5) bionic-security; urgency=medium
* REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or
apt_
- python/arfile.cc: Fix segmentation fault when opening fd, track
lifetime correctly
-- Marc Deslauriers <email address hidden> Thu, 10 Dec 2020 09:48:08 -0500
| Changed in python-apt (Ubuntu Bionic): | |
| status: | New → Fix Released |
| Launchpad Janitor (janitor) wrote : | #14 |
This bug was fixed in the package python-apt - 2.0.0ubuntu0.
---------------
python-apt (2.0.0ubuntu0.
* REGRESSION UPDATE: Passing a file descriptor to apt_inst.ArFile or
apt_
- python/arfile.cc: Fix segmentation fault when opening fd, track
lifetime correctly
-- Marc Deslauriers <email address hidden> Thu, 10 Dec 2020 09:46:50 -0500
| Changed in python-apt (Ubuntu Focal): | |
| status: | New → Fix Released |
| Changed in python-apt (Debian): | |
| status: | Unknown → Fix Released |
The current situation of python-apt is somewhat critical as no packages can be pushed via Landscape to machines at the moment. This is causing landscape-
[apport-retrace]
Core was generated by `/usr/bin/python3 /usr/bin/
Program terminated with signal SIGSEGV, Segmentation fault.
#0 ararchive_new (type=0x7f65262
at python/
This seems to be a fix candidate:
https:/
https:/
- Eric