Bug 696185

Summary: Segmentation fault on providing all four parameters (EKU, DNS, Email, Principal name) with start-tracking
Product: Red Hat Enterprise Linux 6 Reporter: Kaleem <ksiddiqu>
Component: certmongerAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.1CC: ckannan, dpal, kchamart, syeghiay
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: certmonger-0.42-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-19 13:07:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
backtrace and gdb output none

Description Kaleem 2011-04-13 13:50:48 UTC 
Description of problem:
Certmonger crashes when in start-tracking new values of parameters Extended Key Usage, DNS, Email and principal name are provided.
It is occurring only when all four parameters are provided in start-tracking.

Version-Release number of selected component (if applicable):
certmonger-0.41-1.el6.x86_64

How reproducible:
Issue a certificate request with default values for parameters like Extended Key usage, DNS, Email and principal name. Now provide new values for all four parameters in start-tracking so that new values gets effective when certiificate gets renewed.


Steps to Reproduce:
(1)Install certmonger

[root@testing getcert_start-tracking]# yum install certmonger -y

Installed:
  certmonger.x86_64 0:0.41-1.el6                                                                    
Dependency Installed:
  libtevent.x86_64 0:0.9.8-8.el6                                                                   Complete!

(2)Start certmonger service
[root@testing getcert_start-tracking]# service certmonger start
Starting certmonger:                                       [  OK  ]

(3)Create a temp directory
[root@testing getcert_start-tracking]# mkdir /tmp/kaleem

(4)Change the SELinux context of directory created in last step

[root@testing getcert_start-tracking]# chcon -t cert_t /tmp/kaleem/

(5)Issue a request with request nickname

[root@testing getcert_start-tracking]# getcert request -d /tmp/kaleem/ -n certtest -I testing -c SelfSign
New signing request "testing" added.
[root@testing getcert_start-tracking]# getcert list
Number of certificates and requests being tracked: 1.
Request ID 'testing':
	status: MONITORING
	stuck: no
	key pair storage: type=NSSDB,location='/tmp/kaleem',nickname='certtest',token='NSS Certificate DB'
	certificate: type=NSSDB,location='/tmp/kaleem',nickname='certtest',token='NSS Certificate DB'
	CA: SelfSign
	issuer: CN=testing.mars.lab.eng.pnq.redhat.com
	subject: CN=testing.mars.lab.eng.pnq.redhat.com
	expires: 20120413064217
	dns: testing.mars.lab.eng.pnq.redhat.com
	principal name: host/testing.mars.lab.eng.pnq.redhat.com
	eku: id-kp-serverAuth
	track: yes
	auto-renew: yes
[root@testing getcert_start-tracking]#

(6)Run start-tracking on the request with new values for parameters extended key usage, DNS, Email and principal name

[root@testing getcert_start-tracking]# getcert start-tracking -i testing -U id-kp-clientAuth -D new.lab.redhat.com -E abc -K "host/new.lab.redhat.com"
Segmentation fault (core dumped)
[root@testing getcert_start-tracking]#

There is Segmentation fault.
  
Actual results:
Segmentation fault occurs

Expected results:
There should be no segmentation fault.

Additional info:
(1)BackTrace and gdb debug output has been attached.
Comment 1 Kaleem 2011-04-13 13:51:35 UTC 
Created attachment 491771 [details]
backtrace and gdb output
Comment 3 Nalin Dahyabhai 2011-04-13 14:10:31 UTC 
Buffer overrun in the getcert tool.
Comment 10 errata-xmlrpc 2011-05-19 13:07:27 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0570.html