Your message dated Mon, 24 Oct 2005 12:06:33 +1000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#113121: aide: aide sigsegv's when scanning /proc
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 22 Sep 2001 06:58:32 +0000
>From [EMAIL PROTECTED] Sat Sep 22 01:58:32 2001
Return-path: <[EMAIL PROTECTED]>
Received: from cpe-203-45-214-92.qld.bigpond.net.au [203.45.214.92]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 15kgkC-0000Rc-00; Sat, 22 Sep 2001 01:58:32 -0500
Received: from CFT.snafu.priv.at (localhost [127.0.0.1])
by localhost (8.12.0.Beta19/8.12.0.Beta19/Debian 8.12.0.Beta19) with
ESMTP id f8M6vrFh001912;
Sat, 22 Sep 2001 16:57:57 +1000
Received: (from [EMAIL PROTECTED])
by CFT.snafu.priv.at (8.12.0.Beta19/8.12.0.Beta19/Debian 8.12.0.Beta19)
id f8M6vo8X001909;
Sat, 22 Sep 2001 16:57:50 +1000
Date: Sat, 22 Sep 2001 16:57:50 +1000
Message-Id: <[EMAIL PROTECTED]>
From: Alexander Zangerl <[EMAIL PROTECTED]>
Subject: aide: aide sigsegv's when scanning /proc
To: [EMAIL PROTECTED]
X-Mailer: bug 3.2.10
Delivered-To: [EMAIL PROTECTED]
Package: aide
Version: 0.7-9
Severity: normal
aide's default configuration file does not exclude /proc, which
is a bad thing in itself IMHO.
anyways, when one does ask aide to init the database, aide starts
reading proc, and then stumbles as soon as it encounters a link there
that's just being removed (see strace fragment), because the code
in question did not take non-atomicity into account.
looking at the source tells me:
in line 312 of gen_list.c the result code of the readlink is not caught,
the next malloc(-1+1) 'works fine' (does not reserve any space but
does not return NULL either, which would have been caught),
and in line 319 things are going down, finally:
strncpy(into_the_zero_sized_space,from_somewhere,-1)...
tasks for a fix:
.) catch the readlink result in line 312 properly
.) set /proc to "no checking" in the shipped config file
just a *small* piece of the strace output to show the problem:
---
execve("/usr/bin/aide", ["aide", "--init"], [/* 28 vars */]) = 0
shmat(0, 0, 0x1) = -1 ENOSYS (Function not implemented)
fcntl(0, F_GETFD) = 0
fcntl(1, F_GETFD) = 0
....
readlink("/proc/2/fd/10", "/dev/initctl", 257) = 12
getdents(6, /* 0 entries */, 984) = 0
close(6) = 0
lstat("/proc/2/exe", {st_mode=S_IFLNK|0700, st_size=0, ...}) = 0
time(NULL) = 1001140244
readlink("/proc/2/exe", 0x9ca2020, 257) = -1 ENOENT (No such file or directory)
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++
---
-- System Information
Debian Release: 2.2
Kernel Version: Linux CFT 2.2.19 #1 Sun Aug 12 21:32:51 EST 2001 i686 unknown
Versions of the packages aide depends on:
ii debconf 1.0.00 Debian configuration management system
ii libc6 2.2.4-1 GNU C Library: Shared libraries and Timezone
--- Begin /etc/aide/aide.conf (modified conffile)
database=file:/var/lib/aide/aide.db
database_out=file:/var/lib/aide/aide.db.new
#
@@define MAILTO root
Binlib = p+i+n+u+g+s+b+m+c+md5+sha1
ConfFiles = p+i+n+u+g+s+b+m+c+md5+sha1
Logs = p+i+n+u+g+S
Devices = p+i+n+u+g+s+b+c+md5+sha1
Databases = p+n+u+g
StaticDir = p+i+n+u+g
ManPages = p+i+n+u+g+s+b+m+c+md5+sha1
/ Binlib
/var/log$ StaticDir
/var/log/aide/aide.log(.[0-9])?(.gz)? Databases
/var/log/aide/error.log(.[0-9])?(.gz)? Databases
/var/log/setuid.changes(.[0-9])?(.gz)? Databases
/var/log Logs
!/dev/pts
/dev Devices
/var/run$ StaticDir
!/var/run
=/home StaticDir
#!/lib/modules/2.2.19/modules.dep
#!/etc/mtab
#!/etc/adjtime
#!/etc/ioctl.save
#!/etc/proxy
#!/dev/log
#!/dev/cdwr
#!/var/log/ksymoops
--- End /etc/aide/aide.conf
best regards
az
---------------------------------------
Received: (at 113121-done) by bugs.debian.org; 24 Oct 2005 02:06:46 +0000
>From [EMAIL PROTECTED] Sun Oct 23 19:06:46 2005
Return-path: <[EMAIL PROTECTED]>
Received: from heffalump.snafu.priv.at (cft.snafu.priv.at) [202.173.190.30]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ETrja-0007q7-00; Sun, 23 Oct 2005 19:06:46 -0700
Received: from cft.snafu.priv.at (localhost [127.0.0.1])
by cft.snafu.priv.at (8.13.4/8.13.4/Debian-1) with ESMTP id
j9O26gDA004891
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Mon, 24 Oct 2005 12:06:42 +1000
Received: (from [EMAIL PROTECTED])
by cft.snafu.priv.at (8.13.4/8.13.4/Submit) id j9O26fqs004881;
Mon, 24 Oct 2005 12:06:41 +1000
Message-Id: <[EMAIL PROTECTED]>
To: Marc Haber <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Bug#113121: aide: aide sigsegv's when scanning /proc
In-reply-to: Your message of "Sun, 23 Oct 2005 19:02:46 +0200."
<[EMAIL PROTECTED]>
From: Alexander Zangerl <[EMAIL PROTECTED]>
MIME-Version: 1.0
Date: Mon, 24 Oct 2005 12:06:33 +1000
Sender: [EMAIL PROTECTED]
X-Mailer: kuvert 1.1.9
content-Type: multipart/signed; boundary="----------=_1130119601-1427-27";
micalg="pgp-sha1"; protocol="application/pgp-signature"
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
This is a multi-part message in MIME format.
It has been signed conforming to RFC3156.
You need GPG or PGP to check the signature.
------------=_1130119601-1427-27
Content-Type: text/plain; charset=us-ascii
On Sun, 23 Oct 2005 19:02:46 +0200, Marc Haber writes:
>Looks like the issue has been addressed in aide 0.10.
>
>Can you please verify?
>
>If no answer is received by 2006-03-31, I intend to close this bug.
yep, looks good.
regards
az
--
+ Alexander Zangerl + DSA 42BD645D + (RSA 5B586291)
Rex is to Regina as Vax is to... -- Vadim Vygonets
------------=_1130119601-1427-27
Content-Type: application/pgp-signature
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDXEGxpy/2bEK9ZF0RAhXhAJ0WwlFxiiJU+ejEM1lIC0oryHTrnACdHFnJ
oHSKdvazvNEdL8VKYgNsXMs=
=6ydj
-----END PGP SIGNATURE-----
------------=_1130119601-1427-27--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
