Bug 702600 - [abrt] polkit-0.101-6.fc15: expand_properties: Process /usr/libexec/polkit-1/polkitd was killed by signal 11 (SIGSEGV)
[abrt] polkit-0.101-6.fc15: expand_properties: Process /usr/libexec/polkit-1/...
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: polkit (Show other bugs)
15
x86_64 Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
abrt_hash:9189ea9f9bfa7b8f22626707350...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-05-06 06:09 EDT by Radek Novacek
Modified: 2013-03-05 23:07 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-04 05:39:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
File: dsos (4.65 KB, text/plain)
2011-05-06 06:09 EDT, Radek Novacek
no flags Details
File: maps (7.31 KB, text/plain)
2011-05-06 06:09 EDT, Radek Novacek
no flags Details
File: backtrace (70.79 KB, text/plain)
2011-05-06 06:09 EDT, Radek Novacek
no flags Details
Policy file with action that causes crash (517 bytes, text/plain)
2011-05-06 06:10 EDT, Radek Novacek
no flags Details

  None (edit)
Description Radek Novacek 2011-05-06 06:09:06 EDT
abrt version: 2.0.1
comment: This crash happens when I'm trying to authenticate action. IMHO polkitd should test if the result of polkit_action_description_get_message (called from line 1829 in polkitbackendinteractiveauthority.c) is NULL. It tries to iterate through the returned string in funtion expand_properties, which leads to SEGFAULT.
executable: /usr/libexec/polkit-1/polkitd
cmdline: /usr/libexec/polkit-1/polkitd
component: polkit
uid: 0
crash_function: expand_properties
kernel: 2.6.38.5-22.fc15.x86_64
architecture: x86_64
reason: Process /usr/libexec/polkit-1/polkitd was killed by signal 11 (SIGSEGV)
package: polkit-0.101-6.fc15
username: root
os_release: Fedora release 15 (Lovelock)
time: 1304667358
rating: 4

Binary file: coredump, 19177472 bytes
Text file: dsos, 4758 bytes
Text file: maps, 7487 bytes
Text file: backtrace, 72486 bytes

environ
-----
DBUS_STARTER_ADDRESS=systemd:,guid=3870e294cef3da40af26d73b00000013
DBUS_STARTER_BUS_TYPE=system

build_ids
-----
f7cbee207cff3d722ba99fd5bc99067724d9e1c1
2c35820baaea8571d8a8dc977f23cc7f629ddcb4
404116310d8673e393ba901722a96c3deeb7356a
9ef41f9ca0eabaf3a03dd77eb180e202ab4fe956
21ad5b8ca30ad4dbb2190cfd19b03c69958ad013
8bc1fd5e82867883904388142d7c9822544fb136
a22a12708374979fd036729b9685f1959b67deb8
a7158bee1dfaecfbd81d16bc6b31b082b0d5244a
685086f359feb667f15a0a31912dc0fc295ba250
21fc8fbde60da73f6470caf5552eaeb2610a2269
e5f626726497a81807681ed0088dbce6d6a1f17b
a68305835b0b790f438310c5117b2e9ff972248f
6e3ce20a172ec5ded5e7793864f790b74ebb961f
47239178b9bf55e8ac8f1193fcc76615d82d56f6
a69d0d7987b68ddabd066b5b438010155eb287bb
415dd94df0672c555dd4b2a4ef9dbf530694c82c
b3900bee00b584ef0bfe2adc2f9b9aed93870bc0
48aea888319e1848137073c9cbde54a4c2a731c9
Comment 1 Radek Novacek 2011-05-06 06:09:08 EDT
Created attachment 497314 [details]
File: dsos
Comment 2 Radek Novacek 2011-05-06 06:09:11 EDT
Created attachment 497315 [details]
File: maps
Comment 3 Radek Novacek 2011-05-06 06:09:14 EDT
Created attachment 497316 [details]
File: backtrace
Comment 4 Radek Novacek 2011-05-06 06:10:45 EDT
Created attachment 497318 [details]
Policy file with action that causes crash
Comment 5 Radek Novacek 2011-05-06 06:15:33 EDT
When I add some message to the action definition in policy file, crash doesn't happened. But I think this issue still should be fixed.
Comment 6 Radek Novacek 2011-08-04 04:28:45 EDT
Ping, any progress?
Comment 7 David Zeuthen 2011-08-04 05:39:10 EDT
Fixed upstream and is in the 0.102 release which will hit Fedora eventually.

http://cgit.freedesktop.org/PolicyKit/commit/?id=675e4337d7f83ffaf9612cadf7f365c545c51243

Note You need to log in before you can comment on or make changes to this bug.