Bug 229344
| Summary: | Automount segfaults in do_mount_indirect | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Anders Blomdell <anders.blomdell> | ||||
| Component: | autofs | Assignee: | Ian Kent <ikent> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Brock Organ <borgan> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 6 | CC: | ikent, jmoyer, oliva | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | autofs-5.0.1-1 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2007-04-19 07:28:50 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 231949 | ||||||
| Attachments: |
|
||||||
Created attachment 148414 [details]
check both status and pointer return from getpwuid_r and getgrgid_r
Oh boy, I missed that. (In reply to comment #0) > > Actual results: > > Status == 0 and *ppgr == NULL > > > Expected results: > > Status != 0 when *ppgr == NULL, but the manpages are a bit vague... > Indeed. Thanks for your effort in describing the bug. On further investigation this behaviour seems to be common with the "xxx_r" functions. I've checked my usage of all of them and the password and group calls are the only ones where I don't account for it. Except for strerror_r calls, but we should always have a valid errno in those cases. I'll fix it and get an update out. Thanks Ian Is this what causes autofs-5.0.1-0.rc3.24.x86_64 to crash where autofs-5.0.1-0.rc3.22 works (rawhide), or should I file a separate bug? AFAICT glibc reports a buffer overflow, but I can't figure out how to stop automount from forking into background. I was hoping -d would do that, but no luck :-( Same problem on rc3.23 on F6, FWIW. (In reply to comment #5) > Same problem on rc3.23 on F6, FWIW. Don't think so. Think that was the "add "@network" and .domain.name export check." update added in 0.rc3.24. Sorry. Use 5.0.1-2 please. Ian (In reply to comment #6) > (In reply to comment #5) > > Same problem on rc3.23 on F6, FWIW. > > Don't think so. > Think that was the "add "@network" and .domain.name export check." > update added in 0.rc3.24. Sorry. > > Use 5.0.1-2 please. Oops, I'm confused. I was talking about the Rawhide revision. I've pushed autofs-5.0.1-0.rc3.25 to testing today. Can you check and see if that revision resolves this please. Ian Works OK here (i.e. I get the expected 'do_mount_indirect: failed to get group info from getgrgid_r'), thanks! |
Description of problem: Automount occasionally segfaults in do_mount_indirect when trying to lookup non-existant groups. Version-Release number of selected component (if applicable): autofs-5.0.1-0.rc3.21 How reproducible: Somtimes Steps to Reproduce: 1. Run automounter for some time on system that automounts directories for users with unknown gid's The following small programs shows that return status from getpwuid_r and getgrgid_r is not what one would expect: #include <sys/types.h> #include <grp.h> #include <pwd.h> #include <stdio.h> int main(int argc, char *argv[]) { struct group gr; struct group *pgr = &gr; struct group **ppgr = &pgr; struct passwd pw; struct passwd *ppw = &pw; struct passwd **pppw = &ppw; char tmp[2048]; int status = 0; status = getpwuid_r(atoi(argv[1]), ppw, tmp, 2048, pppw); printf("Status:%d ppw:%20p pppw:%20p *pppw=%p\n", status, ppw, pppw, *pppw); status = getgrgid_r(atoi(argv[1]), pgr, tmp, 2048, ppgr); printf("Status:%d pgr:%20p ppgr:%20p *ppgr=%p\n", status, pgr, ppgr, *ppgr); } Actual results: Status == 0 and *ppgr == NULL Expected results: Status != 0 when *ppgr == NULL, but the manpages are a bit vague... Additional info: