Bug 163883 - segfaults when changing context
segfaults when changing context
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: vixie-cron (Show other bugs)
4.0
All Linux
medium Severity high
: ---
: ---
Assigned To: Marcela Mašláňová
Brock Organ
:
Depends On: 151145
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-21 15:31 EDT by Jason Vas Dias
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version: vixie-cron-36_EL4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-28 07:00:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jason Vas Dias 2005-07-21 15:31:05 EDT
+++ This bug was initially created as a clone of Bug #151145 +++

Description of problem:

crond dies when executing jobs:

| Program received signal SIGSEGV, Segmentation fault.
| 0x97fddfba in *setexeccon_internal (context=0x11d3cc <Address 0x11d3cc out of
bounds>)
|     at setexeccon.c:15
| 15                      ret = write(fd, context, strlen(context)+1);
| (gdb) bt
| #0  0x97fddfba in *setexeccon_internal (context=0x11d3cc <Address 0x11d3cc out
of bounds>)
|     at setexeccon.c:15
| #1  0x6aab1988 in do_command (e=0x6aab86f0, u=0x6aab8698) at do_command.c:334
| #2  0x6aab11fc in job_runqueue () at job.c:66
| #3  0x6aaaed3e in main (argc=1, argv=0x4236e629) at cron.c:256


Previous breakpoints were

| Breakpoint 2, do_command (e=0x6aab86f0, u=0x6aab8698) at do_command.c:71
| 71              Debug(DPROC, ("[%ld] do_command(%s, (%s,%ld,%ld))\n",
| (gdb) p u
| $1 = (user *) 0x6aab8698
| (gdb) p *u
| $2 = {next = 0x0, prev = 0x6aab8190, name = 0x6aab81c0 "*system*", mtime =
1109646298, 
|   crontab = 0x6aab9700, scontext = 0x11d3cc <Address 0x11d3cc out of bounds>}
| (gdb) c
| Continuing.
| Attaching after fork to child process 28298.
| Attaching after fork to child process 28299.
| [Switching to process 28299]
| 
| Breakpoint 1, 0x97fddf7e in *setexeccon_internal (context=0x11d3cc <Address
0x11d3cc out of bounds>)
|     at setexeccon.c:7
| 7       {
| (gdb) c


As you see, 'u->scontext' is uninitialized which is caused in
get_security_context() (user.c) by

|       if (get_default_context(name, NULL, &scontext)) {
|               if (security_getenforce() > 0) {
|                       log_it(name, getpid(), "No SELinux security
context",tabname);
|                       return -1;
|               } else {
|                       log_it(name, getpid(), "No security context but SELinux
in permissive mode, co
|               }
|       }

On my system (a chroot environment), get_default_context() fails and
'scontext' gets never be initialized.



Version-Release number of selected component (if applicable):

vixie-cron-4.1-24_FC4
libselinux-1.22-1
Comment 1 Jason Vas Dias 2005-08-01 09:28:10 EDT
This is fixed with vixie-cron-36_EL4, to be delivered in RHEL-4-U2.
Meanwhile, it can be obtained from:
  http://people.redhat.com/~jvdias/cron/RHEL-4 
Comment 2 Marcela Mašláňová 2006-08-28 07:00:15 EDT
It has been fixed in vixie-cron-36_EL4.

Note You need to log in before you can comment on or make changes to this bug.