Bug 1293668 - Segmentation Fault strncpy in libc.so.6 from libcrack.so.2.8.1 symbol Fascistcheck()
Segmentation Fault strncpy in libc.so.6 from libcrack.so.2.8.1 symbol Fascist...
Status: NEW
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: cracklib (Show other bugs)
4.0
All Linux
unspecified Severity medium
: rc
: ---
Assigned To: Tomas Mraz
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-12-22 10:57 EST by JL Laine
Modified: 2015-12-28 03:37 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description JL Laine 2015-12-22 10:57:25 EST
Description of problem: I have been chasing a segmentation fault in our C/C++ code and reduced it to the following minimal recreation:

handle = dlopen("libcrack.so.2", RTLD_LZY);
*(void **)(&PamFascistCheck) = dlsym(handle,"FascistCheck");
val=(*PamFascistcheck)("cat","/usr/share/dict/PSDict");

*** Segmentation Fault ***
program terminated with signal 11, Segmentation Fault.
in __strncpy_ssse3 () from /lib64/libc.so.6
in FascistCheck () from /usr/lib64/libcrack.so.6
from ~jlaine/testprog


Version-Release number of selected component (if applicable): 
Linux Version 2.6.32-504.el6.x86_64 
gcc version 4.4.7 
Red Hat 4.4.7-11 
libcrack.so.2.8.1
libc.so.6 -> libc-2.12.s0


How reproducible: 
I created a mywords.txt file in my home directory, containing a few simple words to test:
cat
dog
horse
password
secret
and used the /usr/sbin/create-cracklib-dict -o /usr/share/dict/PSDict ./mywords.txt

I then put the 3 lines of code noted above in a c/c++ program and compiled it.
It ended reporting a segmentation fault
my enviorment is missing some of the debug modules but gdb was able to report the above error/trackback for me.
Comment 1 Tomas Mraz 2015-12-22 11:18:43 EST
Can you please report this issue through regular Red Hat support channels so it can be properly investigated and prioritized?

http://www.redhat.com/support

Also I suppose this is not really Red Hat Enterprise Linux 4 but Red Hat Enterprise Linux 6, isn't it?
Comment 2 JL Laine 2015-12-22 11:26:21 EST
cat /proc/version said 4.4.7-11
thank you for pointing me to the regular support channel, I will submit there.
Comment 3 Tomas Mraz 2015-12-28 03:37:02 EST
That's version of the gcc compiler the kernel was built with. The version of the system is in /etc/redhat-release.

Note You need to log in before you can comment on or make changes to this bug.