Bug 639048

Summary: broken internal linkage causes SIGSEGV within libaudit.so.1.0.0
Product: [Fedora] Fedora
Reporter: Kamil Dudka <kdudka>
Component: openssh
Assignee: Jan F. Chadima <jchadima>
Status: CLOSED NEXTRELEASE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: low
Version: rawhide
CC: jchadima, mgrepl, mschmidt, tbzatek, tmraz
Target Milestone: ---
Keywords: Patch
Target Release: ---
Hardware: x86_64
OS: Linux
Fixed In Version: openssh-5.6p1-10
Doc Type: Bug Fix
Last Closed: 2011-01-26 11:17:14 EST
Attachment: fix (flags: none)

Description Kamil Dudka 2010-09-30 13:06:00 EDT
Created attachment 450818

Description of problem:
#0  0x00007ffff7742c58 in audit_log_acct_message (audit_fd=4, type=1112, pgname=0x0, op=0x7ffff7fe4e30 "login", 
    name=0xfffffffff82107a0 <Address 0xfffffffff82107a0 out of bounds>, id=4294967295, host=0x0, 
    addr=0xfffffffff8212d80 <Address 0xfffffffff8212d80 out of bounds>, tty=0x7ffff7fdf097 "sshd", result=0) at audit_logging.c:391
#1  0x00007ffff7fb1de5 in linux_audit_record_event (uid=-1, username=<value optimized out>, hostname=0x0, 
    ip=0xfffffffff8212d80 <Address 0xfffffffff8212d80 out of bounds>, ttyn=0x7ffff7fdf097 "sshd", success=<value optimized out>)
    at audit-linux.c:54
#2  0x00007ffff7f99ad2 in userauth_finish (authctxt=0x7ffff8212180, authenticated=<value optimized out>, method=0x7ffff820f840 "none")
    at auth2.c:350
#3  0x00007ffff7f9a0a7 in input_userauth_request (type=<value optimized out>, seq=<value optimized out>, ctxt=0x7ffff8212180)
    at auth2.c:302
#4  0x00007ffff7fd22b6 in dispatch_run (mode=0, done=0x7ffff8212180, ctxt=0x7ffff8212180) at dispatch.c:98
#5  0x00007ffff7f8ddd6 in main (ac=<value optimized out>, av=<value optimized out>) at sshd.c:2041

(gdb) print canonical_host_ip
$1 = 0x7ffff8212d80 ""

    0x7ffff8212d80 is the valid address
0xfffffffff8212d80 is a nonsense caused by broken linkage among openssh modules

Version-Release number of selected component (if applicable):

Additional info:
Patch attached.
Comment 1 Kamil Dudka 2010-09-30 13:59:56 EDT
*** Bug 638978 has been marked as a duplicate of this bug. ***
Comment 2 Jan F. Chadima 2010-10-01 03:31:03 EDT
please test it
Comment 3 Kamil Dudka 2010-10-01 04:47:29 EDT
SCP/SFTP tests from curl's test-suite are back with openssh-server-5.6p1-10.fc15:

Comment 4 Kamil Dudka 2010-10-01 05:00:59 EDT
Although the patch solves the problem, please consider moving the declaration of audit_username() to audit.h, where it correctly belongs.  I didn't read much of the sources yesterday.
Comment 5 Michal Schmidt 2010-10-01 05:07:34 EDT
openssh-server-5.6p1-10.fc15 fixes the SIGSEGV for me.
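
Added example, not part of the original report or of the openssh sources: the arithmetic relating the valid and the out-of-bounds addresses in the description. It assumes the corruption comes from a pointer return value passing through a 32-bit int because the caller had no declaration in scope, the reading suggested by comment 4; the function names are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* What a caller compiled without a prototype does with a returned pointer
 * (assumed mechanism): it treats the return value as a 32-bit int, so only
 * the low 32 bits survive, and converting that int back to a 64-bit
 * pointer sign-extends it. */
static uint64_t through_implicit_int(uint64_t ptr)
{
    uint64_t low = ptr & UINT64_C(0xffffffff);
    if (low & UINT64_C(0x80000000))
        low |= UINT64_C(0xffffffff00000000);
    return low;
}

/* Triage heuristic for crash dumps: bits 31..63 all set is the signature
 * of a sign-extended 32-bit value, not of an x86_64 user-space address. */
static int looks_sign_extended(uint64_t addr)
{
    return (addr >> 31) == UINT64_C(0x1ffffffff);
}

/* Is `bad` exactly what `good` becomes after the int round trip? */
static int explains(uint64_t good, uint64_t bad)
{
    return good != bad && through_implicit_int(good) == bad;
}

int main(void)
{
    /* Values copied from the backtrace and gdb session in this report. */
    const uint64_t good_ip  = UINT64_C(0x7ffff8212d80);
    const uint64_t bad_ip   = UINT64_C(0xfffffffff8212d80);
    const uint64_t bad_name = UINT64_C(0xfffffffff82107a0);

    printf("%#" PRIx64 " -> %#" PRIx64 "\n",
           good_ip, through_implicit_int(good_ip));
    printf("ip explained by truncation: %d\n", explains(good_ip, bad_ip));
    printf("name looks sign-extended:   %d\n", looks_sign_extended(bad_name));
    return 0;
}
```

Building with -Werror=implicit-function-declaration makes GCC reject a call that has no declaration in scope, so this class of bug fails at compile time instead of at run time.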