Bug 1761047
| Summary: | Null dereference in sssctl/sssctl_domains.c:sssctl_domain_status_active_server() | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Niranjan Mallapadi Raghavender <mniranja> |
| Component: | sssd | Assignee: | Alexey Tikhonov <atikhono> |
| Status: | CLOSED ERRATA | QA Contact: | sssd-qe <sssd-qe> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 8.1 | CC: | atikhono, grajaiya, jhrozek, lslebodn, mzidek, pbrezina, sgoveas, tscherf |
| Target Milestone: | rc | Flags: | pm-rhel:
mirror+
|
| Target Release: | 8.0 | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| URL: | http://faf.lab.eng.brq.redhat.com/faf/reports/bthash/bb0690fb74e529f186895fdff7aff8ddd234c1bd/ | ||
| Whiteboard: | sync-to-jira | ||
| Fixed In Version: | sssd-2.2.3-2.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-04-28 16:56:04 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Niranjan Mallapadi Raghavender
2019-10-12 04:26:29 UTC
```
(gdb) finish
Run till exit from #0 sbus_call_ifp_domain_ListServices (mem_ctx=mem_ctx@entry=0x555555819660,
conn=conn@entry=0x555555816890, busname=busname@entry=0x555555568e50 "org.freedesktop.sssd.infopipe",
object_path=object_path@entry=0x5555557a0290 "/org/freedesktop/sssd/infopipe/Domains/proxy",
_arg_services=_arg_services@entry=0x7fffffffd8c8) at src/responder/ifp/ifp_iface/sbus_ifp_client_sync.c:1023
0x000055555555e816 in sssctl_domain_status_active_server (
domain_path=0x5555557a0290 "/org/freedesktop/sssd/infopipe/Domains/proxy", conn=0x555555816890)
at src/tools/sssctl/sssctl_domains.c:203
203 ret = sbus_call_ifp_domain_ListServices(tmp_ctx, conn, IFP_BUS,
Value returned is $1 = 0
(gdb) list
198 if (tmp_ctx == NULL) {
199 DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
200 return ENOMEM;
201 }
202
203 ret = sbus_call_ifp_domain_ListServices(tmp_ctx, conn, IFP_BUS,
204 domain_path, &services);
205 if (ret != EOK) {
206 DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get domain services [%d]: %s\n",
207 ret, sss_strerror(ret));
(gdb) step
205 if (ret != EOK) {
(gdb) p ret
$3 = 0
(gdb) p services
$4 = (const char **) 0x0
```
So `sbus_call_ifp_domain_ListServices()` returned EOK and `services==NULL`, but `sssctl_domain_status_active_server()` is not ready to handle this.
I think it is worth to add check for `services==NULL` in `sssctl_domain_status_active_server()` in any case.
But I am not sure if `sbus_call_ifp_domain_ListServices()` behaves as expected.
Pavel, I guess it is ok to have empty list of services and to return EOK in this case. But could you please clarify, if `sbus_call_ifp_domain_ListServices()` should return NULL or list with one "NULL"-entry in this case?
Yes, this is expected. See sbus_iterator_readers.c:96. But perhaps it would make sence to change it to return [NULL] instead of NULL so consumers do not have to worry about this case. Ok, so I will only touch sssctl_domain_status_active_server() to fix tis bz. Upstream ticket: https://pagure.io/SSSD/sssd/issue/4102 * `master`
* 75b1fe68433a5b6276fe5da38e004b863710f335 - sssctl/sssctl_domains.c: null dereference fixed
Versions: sssd-winbind-idmap-2.2.3-13.el8.x86_64 sssd-common-pac-2.2.3-13.el8.x86_64 sssd-ad-2.2.3-13.el8.x86_64 sssd-libwbclient-2.2.3-11.el8.x86_64 sssd-common-2.2.3-13.el8.x86_64 sssd-krb5-2.2.3-13.el8.x86_64 sssd-2.2.3-13.el8.x86_64 python3-sssdconfig-2.2.3-13.el8.noarch sssd-client-2.2.3-13.el8.x86_64 sssd-krb5-common-2.2.3-13.el8.x86_64 sssd-ldap-2.2.3-13.el8.x86_64 sssd-ipa-2.2.3-13.el8.x86_64 sssd-tools-2.2.3-13.el8.x86_64 sssd-dbus-2.2.3-13.el8.x86_64 sssd-nfs-idmap-2.2.3-11.el8.x86_64 sssd-proxy-2.2.3-13.el8.x86_64 sssd-kcm-2.2.3-13.el8.x86_64 [root@vm-10-0-154-50 ~]# cat /etc/sssd/sssd.conf [sssd] config_file_version = 2 services = nss, pam domains = example1, proxy [domain/example1] ldap_search_base = dc=example,dc=test id_provider = ldap auth_provider = ldap ldap_user_home_directory = /home/%u ldap_uri = ldaps://vm-10-0-153-149.hosted.upshift.rdu2.redhat.com ldap_tls_cacert = /etc/openldap/cacerts/cacert.pem use_fully_qualified_names = True debug_level = 9 [domain/proxy] auth_provider = proxy id_provider = proxy debug_level = 0xFFF0 proxy_lib_name = ldap proxy_pam_target = sssdproxyldap Execute sssctl on domain proxy [root@vm-10-0-154-50 ~]# sssctl domain-status proxy Online status: Online This domain has no active servers. No servers discovered. Execute sssctl on domain example1 [root@vm-10-0-154-50 ~]# sssctl domain-status example1 Online status: Online Active servers: LDAP: vm-10-0-153-149.hosted.upshift.rdu2.redhat.com Discovered LDAP servers: - vm-10-0-153-149.hosted.upshift.rdu2.redhat.com Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:1863 |