Bug 703567
| Summary: | edquota defines global symbols with names that nsswitch modules might be using | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Nalin Dahyabhai <nalin> | ||||
| Component: | quota | Assignee: | Petr Pisar <ppisar> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | ovasik, ppisar | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| URL: | https://sourceforge.net/tracker/?func=detail&aid=3300978&group_id=18136&atid=118136 | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 704216 (view as bug list) | Environment: | |||||
| Last Closed: | 2011-05-25 07:26:11 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 704219 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Nalin Dahyabhai
2011-05-10 17:22:33 UTC
This is nasty bug. Actually it means any program that does (indirectly) dlopen() can clash with any exported symbols. Especially if the dlopen()ed object can be linked against any obscure library. Clean solution is to not export any global variables/functions from main program and the ones that must be exported (e.g. due to communication between object program and it's own direct plug-in) must be prefixed uniquely. This like in the old days everything was linked statically. I will audit quota tools code for that. Meanwhile use nscd to separate address space and to avoid segfault. All Fedoras affected. Created attachment 498523 [details]
Fix
Minimal fix. More comprehensive patch proposed to upstream.
Fix commited as quota-4.00-0.15.pre1.fc16 for F16, but it has not been built because glibc stopped to deliver RPC. quota tools must be ported to standalone tirpc. quota-4.00-0.12.pre1.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/quota-4.00-0.12.pre1.fc15 quota-3.17-16.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/quota-3.17-16.fc14 quota-3.17-13.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/quota-3.17-13.fc13 The F16 fix is blocked by bug #704219 (migrate to tirpc) now. (In reply to comment #1) > This is nasty bug. Actually it means any program that does (indirectly) > dlopen() can clash with any exported symbols. Especially if the dlopen()ed > object can be linked against any obscure library. > The real reason why global non-static variable dirname is exported into dynamic symbol table is the code is compiled with -fPIE. Without this option resulting binary does not provide dirname symbol because compiler does not make it dynamic because it's referenced in the original object file only. this hits rhel6, as well, doesn't it? Do we have a bug open there? found the rhel6 bug open for it. thanks Fixed in F16 as quota-4.00-0.15.pre1.fc16 compiled against glibc-2.13.90-12. quota-4.00-0.12.pre1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. quota-3.17-13.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. quota-3.17-16.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. All supported Fedoras have been fixed. |