On May 24, 2014 1:14:13 AM EDT, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: >On Fri, May 23, 2014 at 10:06:28PM +0000, Viktor Dukhovni wrote: > >> On Fri, May 23, 2014 at 03:27:54PM -0500, Jeff Larsen wrote: >> >> > > Others may not be able to reproduce your problem. Ideally you'd >help >> > > the community by identifying the call sequence (stack trace from >debugger >> > > attached to faulting cleanup process). >> > >> > The trace is here: http://pastebin.com/Lt9gb6jV >> >> This is a syscall trace, not a stack trace, but it is still >informative. >> >> Your OpenLDAP library is linked with GnuTLS, not OpenSSL, and it >> is GnuTLS that is segfaulting when it is unable to open /etc/passwd. >> Either getpwuid() in libc breaks in this case, or GnuTLS is not >> checking return values properly in some way. > >The problem appears to have been accidentally fixed in GnuTLS 3.3.0 >which postdates the release in Ubuntu 14.04. The broken code is >now dead code inside while (0) { ... problem code ... }. > >The reason for the while (0) was to reduce the GnuTLS stack footprint, >not to fix the problem, so the problematic code is still there, but it >is now dead code: > >gnutls/lib/system.c: > > while(0) { > struct passwd *pwd; > struct passwd _pwd; > char tmp[512]; > > getpwuid_r(getuid(), &_pwd, tmp, sizeof(tmp), &pwd); > if (pwd != NULL) { > snprintf(path, max_size, "%s/" CONFIG_PATH, > pwd->pw_dir); > } else { > path[0] = 0; > } > } > >The code should be checking the return value of getpwuid_r, not >whether it set pwd to zero or not (and the pointer should have been >initialized). One can hope this dead code will either be removed >or fixed (or in any case never revived, nor copied by anyone else). > >Ubuntu has the version without the while (0) { ... } guard.
If someone can provide a reduced test case to reproduce the bug and validate it's fixed, I can probably get this fixed in Ubuntu 14.04 as a post-release update. Probably best to contact me off list since it's not really a postfix issue. Ubuntu-devel-discuss would be the appropriate Ubuntu list to continue this. Private mail is fine too. Scott K