Bug 34355
| Summary: | [qa0319, fig2dev] Core dump when using LDAP auth | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Enrico Scholz <rh-bugzilla> |
| Component: | transfig | Assignee: | Than Ngo <than> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.1 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2001-04-02 15:44:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
It's fixed in transfig-3.2.3c-3. |
When using: 1. LDAP authentication *with* TLS and 2. *not* running nscd fig2dev dumps core: $ fig2dev -L eps test.xfig ttbuild_SYS_str_reasons *** Segmentation fault This happens because fig2dev defines it's own strerror() function which access glibc's str_errlist directly. strerror() gets called by OpenSSL's build_SYS_str_reasons() function with values till127, but errors >125 are undefined in str_errlist. So an undefined value will be given to a strncpy() which dumps core then. I suggest to add a 'NEED_STRERROR=' to the make-directives in transfig.spec. -------------- Core dump: #0 strncpy (s1=0x4028bca0 "", s2=0x4c <Address 0x4c out of bounds>, n=32) at ../sysdeps/generic/strncpy.c:41 #1 0x40219ec4 in build_SYS_str_reasons () at eval.c:41 #2 0x4021a025 in ERR_load_ERR_strings () at eval.c:41 #3 0x4021a0d9 in ERR_load_strings () at eval.c:41 #4 0x40222269 in ERR_load_ASN1_strings () at eval.c:41 #5 0x4021ada0 in ERR_load_crypto_strings () at eval.c:41 #6 0x401f530b in SSL_load_error_strings () at eval.c:41 #7 0x401d1822 in ldap_pvt_tls_init () at eval.c:41 #8 0x401d2a1f in ldap_pvt_tls_start () at eval.c:41 #9 0x401d2dcf in ldap_start_tls_s () at eval.c:41 #10 0x401bdbbc in do_open () at ldap-nss.c:801 #11 0x401be8ce in _nss_ldap_search (args=0xbfffeca8, filterprot=0x4025e740 "(&(objectclass=posixAccount)(uidNumber=%d))", sel=LM_PASSWD, sizelimit=1, msgid=0xbfffec54) at ldap-nss.c:1664 #12 0x401beb3a in _nss_ldap_getbyname (args=0xbfffeca8, result=0x401940ec, buffer=0x80974c0 "pvm", buflen=1024, errnop=0x40192a60, filterprot=0x4025e740 "(&(objectclass=posixAccount)(uidNumber=%d))", sel=LM_PASSWD, parser=0x401bf124 <_nss_ldap_parse_pw>) at ldap-nss.c:1807 #13 0x401bf531 in _nss_ldap_getpwuid_r (uid=1076411552, result=0x401940ec, buffer=0x80974c0 "pvm", buflen=76, errnop=0x4028bc9f) at ldap-pwd.c:226 #14 0x40121a7e in __getpwuid_r (uid=1000, resbuf=0x401940ec, buffer=0x80974c0 "pvm", buflen=1024, result=0xbfffed40) at ../nss/getXXbyYY_r.c:200 #15 0x4012144b in getpwuid (uid=1000) at ../nss/getXXbyYY.c:131 #16 0x08067c3d in strerror () at eval.c:41 #17 0x0804a2ef in strcpy () at ../sysdeps/generic/strcpy.c:31 #18 0x08049c3e in strcpy () at ../sysdeps/generic/strcpy.c:31 #19 0x40084147 in __libc_start_main (main=0x8049b30 <strcpy+1144>, argc=5, ubp_av=0xbffff7cc, init=0x80491d0 <_init>, fini=0x80774fc <_fini>, rtld_fini=0x4000e164 <_dl_fini>, stack_end=0xbffff7c4) at ../sysdeps/generic/libc-start.c:129