[Bug 1571456] Re: id crashed with SIGSEGV in sock_eq()

Fri Oct 27 17:26:44 UTC 2017

Launchpad has imported 7 comments from the remote bug at
https://bugzilla.redhat.com/show_bug.cgi?id=1252570.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2015-08-11T17:54:24+00:00 Nalin wrote:

Created attachment 1061638
gdb "where full" results, plus a couple of variables

Description of problem:
With a working hesiod configuration, and hesiod enabled for group resolution, multiple applications are crashing while initializing a supplemental groups list.

Version-Release number of selected component (if applicable):
glibc-2.21.90-21.fc23.x86_64
coreutils-8.24-2.fc23.x86_64 used to reproduce the bug

How reproducible:
Always

Steps to Reproduce:
1. cat > /etc/hesiod.conf << EOF
lhs=.hs
rhs=.devel.redhat.com
EOF
2. Add "hesiod" as a source for "group" information in /etc/nsswitch.conf.  Mine reads "files hesiod".
3. Run "groups nalin" or similar.

Actual results:
"groups" segfaults.  I'll attach the gdb backtrace.

Expected results:
The expected groups list.

Additional info:

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/0

------------------------------------------------------------------------
On 2016-02-05T14:13:21+00:00 Florian wrote:

Caused by upstream commit 2212c1420c92a33b0e0bd9a34938c9814a56c0f7.  Bug
reported upstream.  There are various ways to fix this, but which
approach is best is unclear.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/1

------------------------------------------------------------------------
On 2016-02-15T11:24:29+00:00 Florian wrote:

Reproducer without changing /etc:

cat > /etc/hesiod.conf << EOF
lhs=.hs
rhs=.devel.redhat.com
EOF
HESIOD_CONFIG=hesiod.conf getent -s hesiod group 0 0

I'm reverting the upstream commit which introduced this bug.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/2

------------------------------------------------------------------------
On 2016-02-16T16:08:11+00:00 Fedora wrote:

glibc-2.22-9.fc23 has been submitted as an update to Fedora 23.
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f9e9a34ce

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/3

------------------------------------------------------------------------
On 2016-02-17T06:26:43+00:00 Fedora wrote:

glibc-2.22-9.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-0f9e9a34ce

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/4

------------------------------------------------------------------------
On 2016-02-17T14:20:20+00:00 Fedora wrote:

glibc-2.22-9.fc23 has been pushed to the Fedora 23 stable repository. If
problems still persist, please make note of it in this bug report.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/5

------------------------------------------------------------------------
On 2016-02-17T18:48:28+00:00 Florian wrote:

Due to this change, a glibc update to the fixed versions *without* a
reboot (or process restart) may cause name resolution failures.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1571456/comments/6

** Changed in: glibc (Fedora)
       Status: Unknown => Fix Released

** Changed in: glibc (Fedora)
   Importance: Unknown => Undecided

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1571456

Title:
  id crashed with SIGSEGV in sock_eq()

Status in GLibC:
  Unknown
Status in glibc package in Ubuntu:
  Fix Released
Status in glibc source package in Xenial:
  Fix Released
Status in glibc package in Debian:
  Fix Released
Status in glibc package in Fedora:
  Fix Released

Bug description:
  [Impact]

  The nss_hesiod nsswitch module, which worked in previous releases,
  does not work at all in Ubuntu 16.04.  Enabling it causes NULL pointer
  dereferences in calls such as getpwuid().  This will prevent any user
  logins from succeeding in our environment of hundreds of workstations,
  which in turn blocks us from upgrading from 14.04 to 16.04.

  [Test Case]

  # sed -i 's/passwd: *compat/& hesiod/' /etc/nsswitch.conf
  # cat > /etc/hesiod.conf <<EOF
  lhs=.ns
  rhs=.athena.mit.edu
  EOF
  # id andersk
  Segmentation fault (core dumped)

  Expected output: uid=39270(andersk) gid=101(…) groups=101(…).

  [Regression Potential]

  I wrote a 6-line patch that conditionalizes an errant res_nclose call.
  There is also a bigger upstream patch on the glibc 2.22 and 2.23
  stable branches that entirely removes the unused abstraction that
  necessitated the res_nclose calls at all.  Neither patch makes any
  changes outside of the glibc hesiod directory, which as of now is so
  thoroughly broken that there is nothing left to regress.

  [Other Info]

  ProblemType: Crash
  DistroRelease: Ubuntu 16.04
  Package: coreutils 8.25-2ubuntu2
  ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6
  Uname: Linux 4.4.0-18-generic x86_64
  NonfreeKernelModules: openafs
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Sun Apr 17 22:39:06 2016
  EcryptfsInUse: Yes
  ExecutablePath: /usr/bin/id
  ExecutableTimestamp: 1455802667
  InstallationDate: Installed on 2016-02-19 (58 days ago)
  InstallationMedia: Ubuntu-GNOME 16.04 LTS "Xenial Xerus" - Alpha amd64 (20160218)
  ProcCmdline: id andersk
  ProcCwd: /home/anders
  SegvAnalysis:
   Segfault happened at: 0x7fef32217a88 <__libc_res_nsend+3192>:	cmp    %dx,(%rax)
   PC (0x7fef32217a88) ok
   source "%dx" ok
   destination "(%rax)" (0x00000000) not located in a known VMA region (needed writable region)!
  SegvReason: writing NULL VMA
  Signal: 11
  SourcePackage: coreutils
  StacktraceTop:
   sock_eq (a2=0x0, a1=0x7fef33b9daf4 <_res+20>) at res_send.c:1584
   __libc_res_nsend (statp=0x7fef33b9dae0 <_res>, buf=buf at entry=0x7ffd88e80910 "@\267\001", buflen=45, buf2=buf2 at entry=0x0, buflen2=buflen2 at entry=0, ans=ans at entry=0x7ffd88e80d10 " you want.  Don't add spaces after the\n", anssiz=1024, ansp=0x0, ansp2=0x0, nansp2=0x0, resplen2=0x0, ansp2_malloced=0x0) at res_send.c:408
   __GI___res_nsend (statp=<optimized out>, buf=buf at entry=0x7ffd88e80910 "@\267\001", buflen=<optimized out>, ans=ans at entry=0x7ffd88e80d10 " you want.  Don't add spaces after the\n", anssiz=anssiz at entry=1024) at res_send.c:630
   get_txt_records (class=1, name=name at entry=0xff3dd0 "39270.uid.ns.athena.mit.edu", ctx=0xff27e0) at hesiod.c:374
   hesiod_resolve (context=context at entry=0xff27e0, name=name at entry=0x7ffd88e81190 "39270", type=type at entry=0x7fef3242a486 "uid") at hesiod.c:240
  Title: id crashed with SIGSEGV in sock_eq()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm bumblebee cdrom dip libvirtd lpadmin plugdev sambashare sbuild sudo wireshark

To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/1571456/+subscriptions