Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Segfault in nfs-utils 1.2.3 - remote rpc.mountd crash possible|
|Component:||nfs-utils||Assignee:||Steve Dickson <steved>|
|Status:||CLOSED ERRATA||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||14||CC:||jlayton, steved, syang|
|Fixed In Version:||nfs-utils-1.2.3-5.fc14||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2011-02-03 15:24:41 EST||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description sdrb 2011-01-12 10:43:21 EST
Created attachment 473061 [details] Patch for nfs-utils 1.2.3 for fixing segfault. Description of problem: It is possible to crash rpc.mountd remotely. Version-Release number of selected component (if applicable): nfs-utils-1.2.3-1.fc14.i686 How reproducible: Always while mounting nfs share using nfs v2 or v3. Steps to Reproduce: 1. server# rpc.mountd -F -d all 2. host# showmount -a server 3. host# mount -t nfs server:/tmp/nfs /mnt/nfs2 -o nfsvers=3,nolock 4. host# umount /mnt/nfs2 5. host# mount -t nfs server:/tmp/nfs /mnt/nfs2 -o nfsvers=3,nolock 6. host# showmount -a server Actual results: After spawning showmount for the second time (at step 6) - rpc.mountd crashes with segfault (on the nfs-server side). Expected results: Showmount should return list of mounted shares and rpc.mountd shouldn't crash. Additional info: After analyses of nfs-utils source - I think the problem lies in mountlist_list() procedure where "mlist" variable should be NULL-ed after invocation of mountlist_freeall(mlist); I attached patch for fix it. Can anyone confirm that this patch fixes it correctly?
Comment 1 Steve Dickson 2011-01-14 17:36:47 EST
Fixed in nfs-utils-1.2.3-2.fc14
Comment 2 sdrb 2011-01-15 07:04:59 EST
I've checked nfs-utils-1.2.3-2.fc14 and I'm afraid the problem still exist for me - I mean it is still possible to crash rpc.mountd remotely. I've tested both: nfs-utils-1.2.3-2.fc14 binary package and recompiled src package several times and the reaction is the same - segfault.
Comment 3 sdrb 2011-01-25 09:37:03 EST
I upgraded nfs-utils to the newest nfs-utils-1.2.3-4.fc14 and still buggy...
Comment 4 Steve Dickson 2011-01-25 11:16:40 EST
Could you please try the nfs-utils in the following scratch build: http://koji.fedoraproject.org/koji/taskinfo?taskID=2741509 If it does fix the problem, I'll push it out asap... tia...
Comment 5 sdrb 2011-01-26 02:38:08 EST
Yes - it fixes the bug - there is no segfault now. I tested both: your binary nfs-utils-1.2.3-5 i686 package and recompiled on my own from your src.rpm. Both of them work. Thank you.
Comment 6 Fedora Update System 2011-01-26 07:47:40 EST
nfs-utils-1.2.3-5.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/nfs-utils-1.2.3-5.fc14
Comment 7 Fedora Update System 2011-01-26 15:54:01 EST
nfs-utils-1.2.3-5.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update nfs-utils'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/nfs-utils-1.2.3-5.fc14
Comment 8 Fedora Update System 2011-02-03 15:24:36 EST
nfs-utils-1.2.3-5.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
Comment 9 syang 2011-04-14 14:00:38 EDT
I've a similar problem with nfs-utils-1.2.3-5.fc14 (x86_64). After a remote nfs mount request from a client, the nfs-server will not even see ssh requests let alone satisfying any mount request. There is no message in /var/log/messages. I've tried this on 3 servers now, same result. On one occasion, one of the server was in the middle of a yum update and the remote client mount request actually stopped net access for the yum. Re-installed one of the server to f13, and no more problem. Tried the f13 nfs-utils on the f14 servers, no luck after a reboot. I even tried the nfs-utils from f15, still no luck. Disabled "Defaultvers=3" in etc/nfsmount.conf, still no luck. I do admit nfs-utils-1.2.3-5.fc14 used to work with "Defaultvers=4" at the beginning with remote client nfs mount. Now nfs requests are not successful with no error message. Before, it may "timeout" from the "stuck" in an hour or so. Any suggestion besides re-install to f13 ? Thanks in advance.