LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

October 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS October 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Ypserv mknetid BUG
From:	Jean-Paul Chaput <[log in to unmask]>
Reply To:	Jean-Paul Chaput <[log in to unmask]>
Date:	Wed, 5 Oct 2011 11:38:33 +0200
Content-Type:	text/plain
Parts/Attachments:	text/plain (121 lines)

Hello Mr Moll,


mknetid cores when it reads /etc/passwd.

I've noticed that the passwd file parser is very sensitive on
malformed lines, especially those with the wrong number of entries
(some ":" are missing, there must be exactly six of them)

If you work in compat mode (/etc/nsswitch.conf), uses:
(in /etc/passwd)

+::::::

to include the yp entries an *not*:

+

But it also may occurs on any "normal" line...


Regards,


On Wed, 2011-10-05 at 10:50 +0200, Felip Moll wrote:
> Dear SL developers,
> 
> I have recently installed the package ypserv.x86_64, version
> 2.19-18.el6, from repo. @sl/6.0. The same version is in the sl 6.1
> repo.
> 
> When executing the command /usr/lib64/yp/mknetid , a segmentation
> fault occurs.
> 
> Here there is some info:
> [root@acuari ~]# /usr/lib64/yp/mknetid
> Segmentation fault
> 
> [root@acuari ~]# strace /usr/lib64/yp/mknetid
> execve("/usr/lib64/yp/mknetid", ["/usr/lib64/yp/mknetid"], [/* 30 vars
> */]) = 0
> brk(0)                                  = 0x2564000
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f1d03292000
> access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or
> directory)
> open("/etc/ld.so.cache", O_RDONLY)      = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=71138, ...}) = 0
> mmap(NULL, 71138, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1d03280000
> close(3)                                = 0
> open("/lib64/libnsl.so.1", O_RDONLY)    = 3
> read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360?\340\3607
> \0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=116136, ...}) = 0
> mmap(0x37f0e00000, 2198192, PROT_READ|PROT_EXEC, MAP_PRIVATE|
> MAP_DENYWRITE, 3, 0) = 0x37f0e00000
> mprotect(0x37f0e16000, 2093056, PROT_NONE) = 0
> mmap(0x37f1015000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|
> MAP_DENYWRITE, 3, 0x15000) = 0x37f1015000
> mmap(0x37f1017000, 6832, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|
> MAP_ANONYMOUS, -1, 0) = 0x37f1017000
> close(3)                                = 0
> open("/lib64/libc.so.6", O_RDONLY)      = 3
> read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\355\241
> \3437\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=1904312, ...}) = 0
> mmap(0x37e3a00000, 3729576, PROT_READ|PROT_EXEC, MAP_PRIVATE|
> MAP_DENYWRITE, 3, 0) = 0x37e3a00000
> mprotect(0x37e3b86000, 2093056, PROT_NONE) = 0
> mmap(0x37e3d85000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|
> MAP_DENYWRITE, 3, 0x185000) = 0x37e3d85000
> mmap(0x37e3d8a000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|
> MAP_ANONYMOUS, -1, 0) = 0x37e3d8a000
> close(3)                                = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f1d0327f000
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f1d0327e000
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f1d0327d000
> arch_prctl(ARCH_SET_FS, 0x7f1d0327e700) = 0
> mprotect(0x37f1015000, 4096, PROT_READ) = 0
> mprotect(0x37e3d85000, 16384, PROT_READ) = 0
> mprotect(0x37e341f000, 4096, PROT_READ) = 0
> munmap(0x7f1d03280000, 71138)           = 0
> uname({sys="Linux", node="acuari", ...}) = 0
> brk(0)                                  = 0x2564000
> brk(0x2585000)                          = 0x2585000
> open("/etc/passwd", O_RDONLY)           = 3
> fstat(3, {st_mode=S_IFREG|0644, st_size=3739, ...}) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x7f1d03291000
> read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 3739
> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> +++ killed by SIGSEGV +++
> Segmentation fault
> 
> dmesg output:
> mknetid[22013]: segfault at 0 ip 00000037e3a371e2 sp 00007fff19e13c80
> error 4 in libc-2.12.so[37e3a00000+186000]
> 
> 
> It's an ugly problem and seems a simple out of bounds reading...
> 
> Is it possible to solve the problem?
> 
> 
> Thank you,
> 
> great work with SL 6.1

-- 
      .-.     J e a n - P a u l   C h a p u t  /  Administrateur Systeme
      /v\     [log in to unmask]
    /(___)\   work: (33) 01.44.27.53.99              
     ^^ ^^    cell:      06.66.25.35.55   home: 01.47.46.01.31

    U P M C   Universite Pierre & Marie Curie
    L I P 6   Laboratoire d'Informatique de Paris VI
    S o C     System On Chip

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV