Bug 1304426 - [rfe] /bin/su should be improved to reduce stack use
[rfe] /bin/su should be improved to reduce stack use
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: util-linux (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Karel Zak
qe-baseos-daemons
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-03 09:59 EST by Striker Leggette
Modified: 2016-11-03 17:26 EDT (History)
2 users (show)

See Also:
Fixed In Version: util-linux-2.23.2-31.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-03 17:26:51 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Striker Leggette 2016-02-03 09:59:35 EST
[+] Description of problem:
 /bin/su should print a warning if stack size is a low number

[+] Version-Release number of selected component (if applicable):


[+] How reproducible:
Always

[+] Steps to Reproduce:
1. $ ulimit -s 275
2. $ su
3.

[+] Actual results:
$ /bin/su
Segmentation fault

[+] Expected results:
$ /bin/su
Warning - stack size is $(ulimit -s)
This may cause unwanted results
Segmentation fault

[+] Additional info:
As of util-linux 2.23.2-26.el7, the tested minimal required stack size is 276.  Anything lower will cause /bin/su to segfault.  The /bin/su application should have an if, then (example) rule that if it matches 300 (example number) or lower, it prints a warning.
Comment 1 Striker Leggette 2016-02-03 10:13:20 EST
Since su is written in C, example:

if ( $(ulimit -s) < 300 )
    printf( "Warning - stack size is less than 300" );

Or, a more long-term solution would be to implement a separate function that allows itself to calculate it's own stack requirement and then match that against what is available and cleanly exit if the requirement is less than available.
Comment 2 Striker Leggette 2016-02-03 10:15:40 EST
By "cleanly exit if the requirement is less than available" I meant "cleanly exit if the requirement is greater than available".
Comment 10 Mike McCune 2016-03-28 18:54:17 EDT
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Comment 15 errata-xmlrpc 2016-11-03 17:26:51 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2605.html

Note You need to log in before you can comment on or make changes to this bug.