[Bug 237156] Re: SETRANS + libavg = SIGSEGV on Hardy

Bug Watch Updater 237156 at bugs.launchpad.net
Thu Aug 11 05:32:19 UTC 2011 

** Changed in: libselinux (Debian)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libselinux in Ubuntu.
https://bugs.launchpad.net/bugs/237156

Title:
  SETRANS + libavg = SIGSEGV on Hardy

Status in “libselinux” package in Ubuntu:
  Incomplete
Status in “libselinux” package in Debian:
  Fix Released

Bug description:
  I'm experiencing a problem that seems to involve libselinux1 while
  using python-libavg package, a boost.Python based C++ library.

  Simplest testcase:

  1. install python-libavg w/ deps
  2. from python cli:
  >>> import libavg
  >>> CTRL-D

  
  distro: Ubuntu hardy heron / 8.04
  arch: both i386 (Intel core duo) and amd64 (AMD Athlon64 X2)

  libselinux1:
    Installed: 2.0.55-0ubuntu4
    Candidate: 2.0.55-0ubuntu4
    Version table:
       2.0.55-0ubuntu4 0
          500 http://de.archive.ubuntu.com hardy/main Packages
   *** 2.0.55-0ubuntu4 0
          100 /var/lib/dpkg/status

  python-libavg:
    Installed: 0.7.0-4ubuntu1
    Candidate: 0.7.0-4ubuntu1
    Version table:
   *** 0.7.0-4ubuntu1 0
          500 http://de.archive.ubuntu.com hardy/universe Packages
          100 /var/lib/dpkg/status

  
  Valgrind reports:

  =29183== Invalid read of size 8
  ==29183==    at 0xE29B9DD: fini_context_translations (setrans_client.c:211)
  ==29183==    by 0xE28F1F1: (within /lib/libselinux.so.1)
  ==29183==    by 0xE29D040: (within /lib/libselinux.so.1)
  ==29183==    by 0x570010F: exit (exit.c:75)
  ==29183==    by 0x56E91CA: (below main) (libc-start.c:252)
  ==29183==  Address 0x80 is not stack'd, malloc'd or (recently) free'd
  ==29183== 
  ==29183== Process terminating with default action of signal 11 (SIGSEGV): dumping core
  ==29183==  Access not within mapped region at address 0x80
  ==29183==    at 0xE29B9DD: fini_context_translations (setrans_client.c:211)
  ==29183==    by 0xE28F1F1: (within /lib/libselinux.so.1)
  ==29183==    by 0xE29D040: (within /lib/libselinux.so.1)==29183==    by 0x570010F: exit (exit.c:75)
  ==29183==    by 0x56E91CA: (below main) (libc-start.c:252)

  
  GDB says:

  Program received signal SIGSEGV, Segmentation fault.
  [Switching to Thread 0x7f3af10916e0 (LWP 15047)]
  0x00007f3ae812a9dd in fini_context_translations () at setrans_client.c:211
  211		free(prev_r2t_trans);
  (gdb) bt
  #0  0x00007f3ae812a9dd in fini_context_translations () at setrans_client.c:211
  #1  0x00007f3ae811e1f2 in __do_global_dtors_aux () from /lib/libselinux.so.1
  #2  0x00007ffff9097700 in ?? ()
  #3  0x00007f3ae812c041 in _fini () from /lib/libselinux.so.1
  #4  0x00007ffff9097700 in ?? ()
  #5  0x00007f3af0e88796 in _dl_fini () from /lib64/ld-linux-x86-64.so.2
  Backtrace stopped: previous frame inner to this frame (corrupt stack?)

  
  **** Workaround: disable SETRANS

  $ apt-get source libselinux1
  $ cd libselinux-2.0.55
  $ DISABLE_SETRANS=y dpkg-buildpackage -rfakeroot -uc -b
  $ cd ..
  $ sudo dpkg -i libselinux1_2.0.55-0ubuntu4_amd64.deb     (or i386 one)

  Is this workaround going to break some enforcing policy aspects?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libselinux/+bug/237156/+subscriptions

More information about the foundations-bugs mailing list