Bug 1253662 - segfault in sgDbUpdate
Status: ASSIGNED
Product: Fedora EPEL
Classification: Fedora
Component: squidGuard
Version: epel7
Hardware: x86_64 Linux
Priority: unspecified
Severity: urgent
Assigned To: Gwyn Ciesla
QA Contact: Fedora Extras Quality Assurance
Reported: 2015-08-14 08:01 EDT by Brian J. Murrell
Modified: 2017-09-24 21:44 EDT
Attachments
patch to fix the issue (1.34 KB, text/plain)
2015-08-14 08:01 EDT, Brian J. Murrell
Description Brian J. Murrell 2015-08-14 08:01:27 EDT
Created attachment 1062995
patch to fix the issue

Description of problem:
Program received signal SIGSEGV, Segmentation fault.
__memcpy_sse2 () at ../sysdeps/x86_64/memcpy.S:196
196             movq      (%rsi), %rax
Missing separate debuginfos, use: debuginfo-install cyrus-sasl-lib-2.1.26-17.el7.x86_64 nspr-4.10.8-1.el7_1.x86_64 nss-3.19.1-5.el7_1.x86_64 nss-softokn-freebl-3.16.2.3-12.el7_1.x86_64 nss-util-3.19.1-3.el7_1.x86_64 zlib-1.2.7-13.el7.x86_64
(gdb) where
#0  __memcpy_sse2 () at ../sysdeps/x86_64/memcpy.S:196
#1  0x0000555555558131 in memcpy (__len=40, __src=<optimized out>, __dest=0x7ffffffd6560) at /usr/include/bits/string3.h:51
#2  sgDbUpdate (Db=0x555555781210, key=key@entry=0x55555577c917 "brian", value=0x5576f1a0 <Address 0x5576f1a0 out of bounds>, len=len@entry=40) at sgDb.c:513
#3  0x000055555555aa41 in sgSourceUser (user=0x55555577c917 "brian") at sg.y:593
#4  0x000055555555e526 in yyparse () at sg.y:225
#5  0x000055555555e903 in sgReadConfig (file=<optimized out>) at sg.y:385
#6  0x00005555555563e8 in main (argc=1, argv=0x7fffffffe078, envp=0x7fffffffe088) at main.c:141


Version-Release number of selected component (if applicable):
squidGuard-1.4-20.el7.1.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Install squid and squidGuard
2. Configure squidGuard acl for a user
3. Fetch a URL

Actual results:
squidGuard segfaults

Expected results:
squidGuard should not segfault

Additional info:
user configuration in squidGuard.conf:

src brian {
        user brian
}
...
brian { 
                pass whitelist !advertising all
                # redirect in the dest
        }

It looks like Debian have fixed this in their package.  I will attach the patch they apply to fix it.  I have tested this patch in the EPEL build and it works.

I also discovered that this package does not BuildRequires: gcc but of course it needs gcc to build.  It shouldn't be assumed that gcc is installed.
Comment 1 Gwyn Ciesla 2015-08-31 15:48:00 EDT
See if the build here helps.

https://fedorapeople.org/~limb/squidGuard/
Comment 2 Manuel Pelayo 2016-01-26 05:26:46 EST
@Brian 
Great job, this patch solves this squidGuard segfault.

@Jon
This squidGuard version has the same trouble.
Comment 3 Jeffrey Goh 2017-09-24 21:44:13 EDT
https://fedorapeople.org/~limb/squidGuard/ gives me a 404
Brian's patch worked for me - I mangled the spec file and made an RPM for F23 out of the 1.4.30 src rpm for F27. Hope that helps anyone else getting the segfault.

< # $Id: squidGuard.spec,v 1.1 2017/09/25 01:41:42 root Exp $
---
> # $Id: squidGuard.spec,v 1.2 2017/09/25 01:41:25 root Exp $
47a48
> Patch11:		squidGuard-userinfo.patch
98a100
> %patch11 -p1
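Review bot: the spec change at 47a48 and 98a100 registers and applies Patch11 but leaves out the BuildRequires: gcc that the bug description reports as missing; add that line in the same spec revision so the rebuild does not depend on gcc already being present in the build root. The -p1 strip level does match the squidGuard-1.4/src/ paths used in the patch.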

# cat ../SOURCES/squidGuard-userinfo.patch 
--- squidGuard-1.4/src/sgDiv.c.in.broken	2017-09-25 09:06:51.953586213 +0800
+++ squidGuard-1.4/src/sgDiv.c.in	2017-09-25 09:04:03.844150344 +0800
@@ -865,22 +865,3 @@
   return buf;
 }
 
-#if __STDC__
-struct UserInfo *setuserinfo()
-#else
-struct UserInfo *setuserinfo()
-#endif
-{
-  static struct UserInfo uq;
-  uq.status = 0; 
-  uq.time = 0; 
-  uq.consumed = 0; 
-  uq.last = 0; 
-#ifdef HAVE_LIBLDAP
-  uq.ldapuser = 0;
-  uq.found = 0;
-  uq.cachetime = 0;
-#endif
-  return &uq;
-}
-
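Review bot: removing setuserinfo() from sgDiv.c.in fixes the caller in sg.y only by relocating the body; the patch adds no prototype anywhere, so any other source file that calls setuserinfo() would still get an implicit int return type and a truncated pointer on x86_64, which is consistent with value=0x5576f1a0 being flagged out of bounds in frame #2 of the backtrace. Prefer keeping the definition here and declaring struct UserInfo *setuserinfo(void); in a header that sg.y includes, or at least add that declaration alongside the move.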
--- squidGuard-1.4/src/sg.y.in.broken	2008-05-17 20:25:18.000000000 +0200
+++ squidGuard-1.4/src/sg.y.in	2010-06-25 16:57:09.026513217 +0200
@@ -389,6 +389,25 @@
   fclose(yyin);
 }
 
+#if __STDC__
+struct UserInfo *setuserinfo()
+#else
+struct UserInfo *setuserinfo()
+#endif
+{
+  static struct UserInfo uq;
+  uq.status = 0; 
+  uq.time = 0; 
+  uq.consumed = 0; 
+  uq.last = 0; 
+#ifdef HAVE_LIBLDAP
+  uq.ldapuser = 0;
+  uq.found = 0;
+  uq.cachetime = 0;
+#endif
+  return &uq;
+}
+
 
 /*
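Review bot: in the added block the #if __STDC__ and #else branches are identical, so the conditional does nothing; collapse it to a single struct UserInfo *setuserinfo(void) definition. The fix also relies on this definition sitting above the call in sgSourceUser (sg.y:593 in the backtrace), so add a prototype or a comment saying the function must stay ahead of its callers, otherwise a later reorder brings the crash back. Because the function returns the address of one static struct, every caller shares the same object and has to copy the result before the next call.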
