1151551 – glibc: __gconv_get_path crashes if GCONV_PATH set and no current directory

Bug 1151551 - glibc: __gconv_get_path crashes if GCONV_PATH set and no current directory

Summary: glibc: __gconv_get_path crashes if GCONV_PATH set and no current directory

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	glibc
Sub Component:
Version:	24
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	glibc team
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	https://retrace.fedoraproject.org/faf...
Whiteboard:	abrt_hash:f1e63f13577b294f8d61351b336...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-10-10 16:31 UTC by Krzysztof Klimonda
Modified:	2017-07-27 13:32 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2017-07-27 13:32:35 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
File: backtrace (10.31 KB, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: cgroup (190 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: core_backtrace (3.22 KB, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: dso_list (589 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: environ (4.33 KB, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: exploitable (82 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: limits (1.29 KB, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: maps (2.58 KB, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: open_fds (197 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: proc_pid_status (937 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
File: var_log_messages (457 bytes, text/plain) 2014-10-10 16:31 UTC, Krzysztof Klimonda	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Sourceware	17477	0	None	None	None	Never

Description Krzysztof Klimonda 2014-10-10 16:31:20 UTC

Version-Release number of selected component:
bash-4.3.25-2.fc21

Additional info:
reporter:       libreport-2.2.3
backtrace_rating: 4
cmdline:        /bin/sh /home/kklimonda/code/open-source/git-annex.linux/bin/git --git-dir=/home/kklimonda/code/codilime/ntti3/.git --work-tree=/home/kklimonda/code/codilime/ntti3 -c core.bare=false ls-tree --full-tree -z -- refs/heads/git-annex uuid.log remote.log trust.log group.log numcopies.log schedule.log preferred-content.log required-content.log group-preferred-content.log
crash_function: strlen
executable:     /usr/bin/bash
kernel:         3.16.3-302.fc21.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 strlen at ../sysdeps/x86_64/strlen.S:106
 #1 __gconv_get_path at gconv_conf.c:471
 #2 __gconv_read_conf at gconv_conf.c:558
 #3 __gconv_find_transform at gconv_db.c:716
 #4 __wcsmbs_getfct at wcsmbsload.c:91
 #5 __wcsmbs_load_conv at wcsmbsload.c:186
 #6 get_gconv_fcts at ./wcsmbsload.h:75
 #7 __mbrtowc at mbrtowc.c:68
 #8 mblen at mblen.c:59
 #9 setifs at subst.c:9069

Comment 1 Krzysztof Klimonda 2014-10-10 16:31:24 UTC

Created attachment 945726 [details]
File: backtrace

Comment 2 Krzysztof Klimonda 2014-10-10 16:31:25 UTC

Created attachment 945727 [details]
File: cgroup

Comment 3 Krzysztof Klimonda 2014-10-10 16:31:26 UTC

Created attachment 945728 [details]
File: core_backtrace

Comment 4 Krzysztof Klimonda 2014-10-10 16:31:27 UTC

Created attachment 945729 [details]
File: dso_list

Comment 5 Krzysztof Klimonda 2014-10-10 16:31:28 UTC

Created attachment 945730 [details]
File: environ

Comment 6 Krzysztof Klimonda 2014-10-10 16:31:30 UTC

Created attachment 945731 [details]
File: exploitable

Comment 7 Krzysztof Klimonda 2014-10-10 16:31:31 UTC

Created attachment 945732 [details]
File: limits

Comment 8 Krzysztof Klimonda 2014-10-10 16:31:33 UTC

Created attachment 945733 [details]
File: maps

Comment 9 Krzysztof Klimonda 2014-10-10 16:31:35 UTC

Created attachment 945734 [details]
File: open_fds

Comment 10 Krzysztof Klimonda 2014-10-10 16:31:36 UTC

Created attachment 945735 [details]
File: proc_pid_status

Comment 11 Krzysztof Klimonda 2014-10-10 16:31:37 UTC

Created attachment 945736 [details]
File: var_log_messages

Comment 12 Florian Weimer 2014-10-11 09:04:05 UTC

This is a bug in glibc.  It attempts to dereference a NULL pointer if it cannot obtain the current directory in __gconv_get_path:

	  cwd = __getcwd (NULL, 0);
	  cwdlen = strlen (cwd);

Workaround is to make sure that the current directory is valid, or not to set the GCONV_PATH environment variable.

Comment 13 Fedora End Of Life 2015-11-04 10:32:20 UTC

This message is a reminder that Fedora 21 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 21. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '21'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 21 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 14 Jan Kurik 2016-02-24 13:16:45 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle.
Changing version to '24'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora24#Rawhide_Rebase

Comment 15 Fedora End Of Life 2017-07-25 18:43:27 UTC

This message is a reminder that Fedora 24 is nearing its end of life.
Approximately 2 (two) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 24. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '24'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 24 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged  change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

Comment 16 Florian Weimer 2017-07-27 13:32:35 UTC

This is being tracked upstream.

Note You need to log in before you can comment on or make changes to this bug.