Ubuntu
rlinetd package

rlinetd crashed with SIGABRT in __libc_message()

Bug #1057645 reported by urusha on 2012-09-27

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	rlinetd (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

rlinetd crashes every time I try to make tftp (udp) connection, tested with atftpd and tftpd-hpa. Telnet (tcp) seems to work fine. Precise version (0.8-1) works fine too.

# lsb_release -rd
Description: Ubuntu quantal (development branch)
Release: 12.10

# LANG=C apt-cache policy rlinetd
rlinetd:
  Installed: 0.8.2-1
  Candidate: 0.8.2-1
  Version table:
*** 0.8.2-1 0
        500 http://ru.archive.ubuntu.com/ubuntu/ quantal/universe amd64 Packages
        100 /var/lib/dpkg/status

How to reproduce:
# apt-get install atftpd rlinetd tftp-hpa
### create config (see #993101)
# cat > /etc/rlinetd.d/tftp_udp
service "tftp_udp" {
enabled yes;
protocol udp;
port "tftp";
user "nobody";
exec "/usr/sbin/in.tftpd /srv/tftp";
server "/usr/sbin/tcpd";
wait yes;
}
^D
# mkdir /tftpboot
# echo "test" > /tftpboot/somefile
# service rlinetd restart
# tftp 127.0.0.1 -c get somefile

ProblemType: Crash
DistroRelease: Ubuntu 12.10
Package: rlinetd 0.8.2-1
ProcVersionSignature: Ubuntu 3.5.0-15.23-generic 3.5.4
Uname: Linux 3.5.0-15-generic x86_64
ApportVersion: 2.5.2-0ubuntu4
Architecture: amd64
Date: Thu Sep 27 21:06:12 2012
ExecutablePath: /usr/sbin/rlinetd
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Alpha amd64 (20120201.1)
ProcCmdline: /usr/sbin/rlinetd
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
LANG=ru_RU.UTF-8
Signal: 6
SourcePackage: rlinetd
StacktraceTop:
raise () from /lib/x86_64-linux-gnu/libc.so.6
abort () from /lib/x86_64-linux-gnu/libc.so.6
?? () from /lib/x86_64-linux-gnu/libc.so.6
__fortify_fail () from /lib/x86_64-linux-gnu/libc.so.6
__chk_fail () from /lib/x86_64-linux-gnu/libc.so.6
Title: rlinetd crashed with SIGABRT in raise()
UpgradeStatus: Upgraded to quantal on 2012-09-15 (12 days ago)
UserGroups:

== Regression details ==
Discovered in version: 0.8.2-1
Last known good version: 0.8-1

See original description

Tags:

Revision history for this message

urusha (urusha) wrote on 2012-09-27:

Dependencies.txt Edit (2.8 KiB, text/plain; charset="utf-8")
Disassembly.txt Edit (854 bytes, text/plain; charset="utf-8")
ProcMaps.txt Edit (5.5 KiB, text/plain; charset="utf-8")
ProcStatus.txt Edit (753 bytes, text/plain; charset="utf-8")
Registers.txt Edit (695 bytes, text/plain; charset="utf-8")
Stacktrace.txt Edit (1003 bytes, text/plain; charset="utf-8")
ThreadStacktrace.txt Edit (1.0 KiB, text/plain; charset="utf-8")

Revision history for this message

Apport retracing service (apport) wrote on 2012-09-27:

StacktraceTop:
__libc_message (do_abort=2, fmt=0x7f9235b6a49c "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:201
__GI___fortify_fail (msg=<optimized out>) at fortify_fail.c:38
__GI___chk_fail () at chk_fail.c:29
__fdelt_chk (d=<optimized out>, d@entry=1024) at fdelt_chk.c:26
listeners_clear (j=<optimized out>) at ../../src/engine.c:184

Revision history for this message

Apport retracing service (apport) wrote on 2012-09-27: Stacktrace.txt

Stacktrace.txt Edit (3.1 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2012-09-27: StacktraceSource.txt

StacktraceSource.txt Edit (1.6 KiB, text/plain)

Revision history for this message

Apport retracing service (apport) wrote on 2012-09-27: ThreadStacktrace.txt

ThreadStacktrace.txt Edit (3.1 KiB, text/plain)

Changed in rlinetd (Ubuntu):
importance:	Undecided → Medium
summary:	- rlinetd crashed with SIGABRT in raise() + rlinetd crashed with SIGABRT in __libc_message()
tags:	removed: need-amd64-retrace

urusha (urusha) on 2012-09-27

visibility:

private → public

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-09-27:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in rlinetd (Ubuntu):
status:	New → Confirmed

Richard Hansen (rhansen) on 2012-09-27

tags:	added: regression-release
description:	updated

Revision history for this message

Robert Luberda (robert-debian) wrote on 2012-12-19:

This has been fixed in rlinetd 0.8.2-2, however the report hasn't been closed automatically due to a typo in bug number (105764 instead of 1057645)

rlinetd (0.8.2-2) unstable; urgency=low

  * Add 1-Fix-fd_set-overflow.patch to fix fd_set buffer overflows caught
    by new glibc 1.15 hardening checks (LP: #105764)
    The fd_set buffers used by FD_ISSET, FD_SET, FD_CLR macros used to be
    overwritten usually by 1 byte or more in rare cases on systems where
    open file descriptors limit is greater than FD_SETSIZE.
  * Add 2-Add-udp4-to-inetd2rlinetd.patch to support protocols like udp4,
    tcp6 in inetd2rlinetd (LP: #1057663).
  * postinst, postrm: Fix installing/removing diversions (closes: #691778).
    The scripts fail to parse output of `dpkg-divert --list', when it is
    localized, so enforce non-localized output by setting LC_ALL=C.

-- Robert Luberda <email address hidden> Mon, 10 Dec 2012 22:47:43 +0100

Robert Luberda (robert-debian) on 2014-04-29

Changed in rlinetd (Ubuntu):
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubunturlinetd package

rlinetd crashed with SIGABRT in __libc_message()

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
rlinetd package