Ubuntu
util-linux package

umount segfaults with inconsistent entry in /etc/fstab

Bug #726283 reported by Greg Brockman
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
util-linux (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Binary package hint: util-linux

Reproduced on Maverick using util-linux version 2.17.2-0ubuntu1.

If /etc/fstab has an incorrect mount directory for an already mounted device, 'umount <device>' will segfault when run as an unprivileged user.

Steps to reproduce:
cd /tmp
# Create and mount a loopback file
dd if=/dev/zero of=file bs=1024 count=300; mkdir fs
sudo losetup /dev/loop0 file; sudo mkfs /dev/loop0
sudo mount /dev/loop0 fs/
# Add entry to /etc/fstab with incorrect/missing mount directory
echo /tmp/fs | sudo tee -a /etc/fstab
# Try umounting as an unprivileged user
umount /tmp/fs
# Segfault!

Applying the attached patch fixes the segfault. The semantics of this patch are likely wrong, but at least this demonstrates the codepath taken (fs escapes from the revelant block being NULL, only to be dereferenced on the next line).

Tags: patch
Revision history for this message
Greg Brockman (thegdb) wrote :
Brian Murray (brian-murray)
tags: added: patch
Revision history for this message
Karel Zak (kzak) wrote :

Fixed by upstream commit 6c7f688b1f46c6fb31aa8a4a27d493c90e9ded37.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in util-linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Jon Brase (jonathan-brase) wrote :

I can reproduce this bug in Lucid.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.