RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1734057 - automount segfaults if a bad hosts entry is added in /etc/auto.master
Summary: automount segfaults if a bad hosts entry is added in /etc/auto.master
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: autofs
Version: 7.6
Hardware: All
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Ian Kent
QA Contact: Kun Wang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-29 14:27 UTC by Kenneth D'souza
Modified: 2020-03-31 20:00 UTC (History)
2 users (show)

Fixed In Version: autofs-5.0.7-107.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-03-31 20:00:35 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Patch - fix reset flex scan buffer on init (1.11 KB, patch)
2019-07-30 11:51 UTC, Ian Kent 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:1106 0 None None None 2020-03-31 20:00:50 UTC

Description Kenneth D'souza 2019-07-29 14:27:06 UTC 
Description of problem:
automount segfaults if a bad hosts entry is added in /etc/auto.master

Version-Release number of selected component (if applicable):
# rpm -q autofs
autofs-5.0.7-99.el7.x86_64

How reproducible:
always 

Steps to Reproduce:
1. Add a bad entry in /etc/auto/master like below

# grep -v ^# /etc/auto.master  | grep -i hosts
/net	-hosts
@ -hosts  <---------------

2. Trigger a crash by running automount -m or simply automount

# automount -m
100000000|syntax error in map near [ @ -hosts  ]
Segmentation fault (core dumped)

# dmesg | tail -f
[ 1684.146282] automount[6707]: segfault at 0 ip 00007f023f9d2901 sp 00007ffc0f4b8638 error 4 in libc-2.17.so[7f023f864000+1c2000]


Actual results:

# automount -m
100000000|syntax error in map near [ @ -hosts  ]
Segmentation fault (core dumped)


Expected results:

To not segfault and return the correct maps.

# automount -m
100000000|syntax error in map near [ @ -hosts ]

autofs dump map information
===========================

global options: none configured

Mount point: /misc

source(s):

  instance type(s): file 
  map: /etc/auto.misc

  cd | -fstype=iso9660,ro,nosuid,nodev	:/dev/cdrom


Mount point: /net

source(s):

  type: hosts

  localhost | (null)


Additional info:

Unable to reproduce the issue on fedora.

# rpm -q autofs
autofs-5.1.5-4.fc30.x86_64
Comment 2 Ian Kent 2019-07-30 01:49:36 UTC 
(In reply to Kenneth D'souza from comment #0)
> Description of problem:
> automount segfaults if a bad hosts entry is added in /etc/auto.master
> 
> Version-Release number of selected component (if applicable):
> # rpm -q autofs
> autofs-5.0.7-99.el7.x86_64
> 
> How reproducible:
> always 
> 
> Steps to Reproduce:
> 1. Add a bad entry in /etc/auto/master like below
> 
> # grep -v ^# /etc/auto.master  | grep -i hosts
> /net	-hosts
> @ -hosts  <---------------
> 
> 2. Trigger a crash by running automount -m or simply automount

Mmm ... I'm not able to reproduce this.

I tried on Centos7 with rev 99 and couldn't reproduce it, so I checked
out a RHEL-7.6 lab machine and still couldn't reproduce it.

I'll try installing 7.6 into a VM and apply any updates and see if I
can reproduce it then.

If I can't reproduce it we'll need to inspect a core on an install
that can reproduce it to see if we can get more information.

Ian
Comment 3 Kenneth D'souza 2019-07-30 05:07:12 UTC 
(In reply to Ian Kent from comment #2)
> (In reply to Kenneth D'souza from comment #0)
> > Description of problem:
> > automount segfaults if a bad hosts entry is added in /etc/auto.master
> > 
> > Version-Release number of selected component (if applicable):
> > # rpm -q autofs
> > autofs-5.0.7-99.el7.x86_64
> > 
> > How reproducible:
> > always 
> > 
> > Steps to Reproduce:
> > 1. Add a bad entry in /etc/auto/master like below
> > 
> > # grep -v ^# /etc/auto.master  | grep -i hosts
> > /net	-hosts
> > @ -hosts  <---------------
> > 
> > 2. Trigger a crash by running automount -m or simply automount
> 
> Mmm ... I'm not able to reproduce this.
> 
> I tried on Centos7 with rev 99 and couldn't reproduce it, so I checked
> out a RHEL-7.6 lab machine and still couldn't reproduce it.
> 
> I'll try installing 7.6 into a VM and apply any updates and see if I
> can reproduce it then.
> 
> If I can't reproduce it we'll need to inspect a core on an install
> that can reproduce it to see if we can get more information.
> 
> Ian

Sorry I missed to update that the issue is seen only if I have a autofs file inside /etc/auto.master.d

# cat /etc/auto.master.d/direct.autofs 
/- /etc/auto.direct
 
# cat /etc/auto.direct 
/test/data -rw nfs-server:/example

# grep -v ^# /etc/auto.master
/misc	/etc/auto.misc
/net	-hosts
@ -hosts  <-------------------------------------- bad entry
+dir:/etc/auto.master.d <----------------------------------- this is necessary
+auto.master

I hope this helps.
Comment 4 Ian Kent 2019-07-30 10:23:30 UTC 
(In reply to Kenneth D'souza from comment #3)
> 
> Sorry I missed to update that the issue is seen only if I have a autofs file
> inside /etc/auto.master.d
> 
> # cat /etc/auto.master.d/direct.autofs 
> /- /etc/auto.direct
>  
> # cat /etc/auto.direct 
> /test/data -rw nfs-server:/example
> 
> # grep -v ^# /etc/auto.master
> /misc	/etc/auto.misc
> /net	-hosts
> @ -hosts  <-------------------------------------- bad entry
> +dir:/etc/auto.master.d <----------------------------------- this is
> necessary
> +auto.master
> 
> I hope this helps.

That did the trick, I'll sort it out.

Thanks
Ian
Comment 5 Ian Kent 2019-07-30 11:51:52 UTC 
Created attachment 1594586 [details]
Patch - fix reset flex scan buffer on init

Found it.
Comment 6 Ian Kent 2019-07-30 12:15:07 UTC 
Change applied, built and verified to work for the case here.
The build can be found at:
https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=940222

Please test to make sure it really is ok.
Comment 7 Kenneth D'souza 2019-07-30 12:52:08 UTC 
(In reply to Ian Kent from comment #6)
> Change applied, built and verified to work for the case here.
> The build can be found at:
> https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=940222
> 
> Please test to make sure it really is ok.

Works for me!
Comment 11 errata-xmlrpc 2020-03-31 20:00:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1106
Note You need to log in before you can comment on or make changes to this bug.