Red Hat Bugzilla – Bug 661934
ntpd crashes if a machine has more than 512 IPs
Last modified: 2011-07-21 02:44:16 EDT
Description of problem:
ntpd will segfault on startup if a machine has more than 512 IPs because it uses a 512 element array to store them and there is no bounds checking.
Version-Release number of selected component (if applicable):
5.0 through 5.4 at least
Steps to Reproduce:
1. Configure more than 512 IP addresses
2. Start ntpd
This is fixed upstream; RHEL should backport the patch.
See https://bugs.ntp.org/show_bug.cgi?id=1746 for gdb proof of this bug
Created attachment 475388 [details]
limit interface scans to array size
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
The ntpd daemon could terminate unexpectedly with a segmentation fault on a machine with more than 512 local IP addresses. This happened because of a limit set for scanning. With this update, the limit scan has been changed to scan to the maximum number of interfaces and the ntpd daemon no longer crashes in such circumstances.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.