Bug 6191 - su: Segmentation fault
su: Segmentation fault
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
i386 Linux
high Severity high
: ---
: ---
Assigned To: Cristian Gafton
Depends On:
  Show dependency treegraph
Reported: 1999-10-21 13:31 EDT by vadim
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-02-05 17:13:27 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description vadim 1999-10-21 13:31:14 EDT
Redhat 6.1 standart configuration from CD, (ISO from

PC: Intel Pentium III 450 MHz, 256 RAM, SCSI hard drive, S3
TrioV2 video adapter.

When run as normal user "su" - receive "Segmentation fault"
Comment 1 vadim 1999-10-22 04:56:59 EDT
problem only with certain types telnet programs.
RedHat 5.2, Slackware 4.0 - such problems have not.
Comment 2 Tomasz Kepczynski 1999-12-21 03:12:59 EST
I have seen very similar problem but for root user. 'su' command without '-'
(like for example 'su news') ends up with segmentation fault (but I wasn't able
to produce core dump even with unlimited coredumpsize). 'su - news' works
'su' itself from normal user account prompts for password and works fine.
This bug causes segfault from '/etc/cron.daily/slrnpull-expire'.
The problem shows itself when logged on console and from kdm. I haven't tried
remote logins nor gdm.
Comment 3 Tomasz Kepczynski 2000-01-13 14:58:59 EST
The problem seems to be related to pam_xauth module and probably should be
solved there. To reproduce a fault you need two things: be logged as root and
have empty DISPLAY variable (so that getenv("DISPLAY") returns empty string,
not NULL). Then try su anybody and thats it.
I suppose the problem lies in pam_xauth.c at line 484 when you try to
free the pointer returned by getenv. I am quite sure you can't do that (but
man page doesn't say a word about it).
pam is pam 0.68-7
Comment 4 Nalin Dahyabhai 2000-02-05 17:13:59 EST
tomkep@3net.pl hit it exactly.  This will be fixed in pam-0.72-6 and later in
Raw Hide and future releases.

Note You need to log in before you can comment on or make changes to this bug.