Bug 229344 - Automount segfaults in do_mount_indirect
Summary: Automount segfaults in do_mount_indirect
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: autofs (Show other bugs)
(Show other bugs)
Version: 6
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Ian Kent
QA Contact: Brock Organ
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 231949
TreeView+ depends on / blocked
 
Reported: 2007-02-20 14:52 UTC by Anders Blomdell
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version: autofs-5.0.1-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-04-19 07:28:50 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
check both status and pointer return from getpwuid_r and getgrgid_r (720 bytes, patch)
2007-02-20 14:52 UTC, Anders Blomdell
no flags Details | Diff

Description Anders Blomdell 2007-02-20 14:52:00 UTC
Description of problem:

Automount occasionally segfaults in do_mount_indirect when trying to lookup
non-existant groups.

Version-Release number of selected component (if applicable):

autofs-5.0.1-0.rc3.21

How reproducible:

Somtimes

Steps to Reproduce:

1. Run automounter for some time on system that automounts directories
   for users with unknown gid's 

The following small programs shows that return status from getpwuid_r and
getgrgid_r is not what one would expect:
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>

int main(int argc, char *argv[])
{
  struct group gr;
  struct group *pgr = &gr;
  struct group **ppgr = &pgr;
  struct passwd pw;
  struct passwd *ppw = &pw;
  struct passwd **pppw = &ppw;
  char tmp[2048];
  int status = 0;

  status =  getpwuid_r(atoi(argv[1]), ppw, tmp, 2048, pppw);
  printf("Status:%d ppw:%20p pppw:%20p *pppw=%p\n", status, ppw, pppw, *pppw);
  status = getgrgid_r(atoi(argv[1]), pgr, tmp, 2048, ppgr);
  printf("Status:%d pgr:%20p ppgr:%20p *ppgr=%p\n", status, pgr, ppgr, *ppgr);
}

Actual results:

Status == 0 and *ppgr == NULL


Expected results:

Status != 0 when *ppgr == NULL, but the manpages are a bit vague...


Additional info:

Comment 1 Anders Blomdell 2007-02-20 14:52:01 UTC
Created attachment 148414 [details]
check both status and pointer return from getpwuid_r and getgrgid_r

Comment 2 Ian Kent 2007-02-20 17:24:52 UTC
Oh boy, I missed that.

Comment 3 Ian Kent 2007-02-21 03:33:30 UTC
(In reply to comment #0)
> 
> Actual results:
> 
> Status == 0 and *ppgr == NULL
> 
> 
> Expected results:
> 
> Status != 0 when *ppgr == NULL, but the manpages are a bit vague...
> 

Indeed.
Thanks for your effort in describing the bug.

On further investigation this behaviour seems to be
common with the "xxx_r" functions. I've checked my
usage of all of them and the password and group calls
are the only ones where I don't account for it. Except
for strerror_r calls, but we should always have a valid
errno in those cases.

I'll fix it and get an update out.

Thanks
Ian

Comment 4 Alexandre Oliva 2007-02-27 22:58:21 UTC
Is this what causes autofs-5.0.1-0.rc3.24.x86_64 to crash where
autofs-5.0.1-0.rc3.22 works (rawhide), or should I file a separate bug?  AFAICT
glibc reports a buffer overflow, but I can't figure out how to stop automount
from forking into background.  I was hoping -d would do that, but no luck :-(

Comment 5 Alexandre Oliva 2007-02-27 23:10:12 UTC
Same problem on rc3.23 on F6, FWIW.

Comment 6 Ian Kent 2007-02-28 01:09:50 UTC
(In reply to comment #5)
> Same problem on rc3.23 on F6, FWIW.

Don't think so.
Think that was the "add "@network" and .domain.name export check."
update added in 0.rc3.24. Sorry.

Use 5.0.1-2 please.

Ian

Comment 7 Ian Kent 2007-03-01 15:38:11 UTC
(In reply to comment #6)
> (In reply to comment #5)
> > Same problem on rc3.23 on F6, FWIW.
> 
> Don't think so.
> Think that was the "add "@network" and .domain.name export check."
> update added in 0.rc3.24. Sorry.
> 
> Use 5.0.1-2 please.

Oops, I'm confused.
I was talking about the Rawhide revision.
I've pushed autofs-5.0.1-0.rc3.25 to testing today.
Can you check and see if that revision resolves this
please.

Ian



Comment 8 Anders Blomdell 2007-03-06 08:30:39 UTC
Works OK here (i.e. I get the expected 'do_mount_indirect: failed to get group
info from getgrgid_r'), thanks!


Note You need to log in before you can comment on or make changes to this bug.