segv in sudo_getgrgid
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sudo |
Unknown
|
Unknown
|
|||
sudo (Ubuntu) |
Fix Released
|
High
|
Marc Deslauriers | ||
Xenial |
Fix Released
|
High
|
Marc Deslauriers |
Bug Description
[Impact]
In certain environments, for example when using LDAP, users can end up in a group with no name. When that happens, sudo crashes when attempting to look up the group name for the debug log.
Upstream has commited a simple fix for this issue, it has been commited to Yakkety, and uploaded to Xenial.
[Test Case]
I currently don't know an easy way to reproduce this, it is environment-
[Regression Potential]
A regression in the patch would prevent users from using sudo. The risk of regression is low since the patch only changes the debug log.
Original report:
If the user is in a group with no name (because libnss-db got removed and the group was defined there, for example...) then:
the call to sudo_debug_printf in sudo_getgrgid (plugins/
tags: | added: xenial |
Changed in sudo (Ubuntu): | |
importance: | Undecided → High |
Changed in sudo (Ubuntu Xenial): | |
status: | New → Confirmed |
Changed in sudo (Ubuntu Xenial): | |
status: | Fix Committed → Fix Released |
this is with current xenial (1.8.16-0ubuntu1)