Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Gilles MOREL]

Hello,

Actually, I was wrong, the xrdp version is not the same between 
jessie-backports and stretch, so it could be a bug from the stretch version.

For the moment, I use the stretch-backports version, but I must install it 
manually since libapt (in Python3) does not allow installation from backports 
(well, exactly, I can't find yet a simple way to do this).
--
Gilles Émilien MOREL <cont...@gilles-morel.fr>
« On dit que pétrir, c'est modeler, moi je dis que péter, c'est démolir. » -- 
Mc Salò

- Message original 
Aurelien Jarno <aurel...@aurel32.net>
à Gilles MOREL <cont...@gilles-morel.fr>, 879...@bugs.debian.org
le jeudi 07 décembre 2017 à 22:47:49 +0100
avec Mutt/1.9.1 (2017-09-22)

Re: Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch
---
control: reassign -1 xrdp

Hi,

On 2017-10-19 11:38, Gilles MOREL wrote:
> Package: libc6
> Version: 2.24-11+deb9u1
> 
> I installed xrdp on one of my servers on Debian Stretch. Some users connect 
> to these desktops.
> When I have at least two connected users, when one of them close the session, 
> this happens in the kernel log :
> xrdp-sesman[1006]: segfault at 0 ip 7f1c4e6aa646 sp 7ffc0ce9f918 
> error 4 in libc-2.24.so[7f1c4e62a000+195000]

This points to the strlen function. It's obviously called with a wrong
argument, as otherwise many other things would be broken.


On 2017-10-24 15:52, Gilles MOREL wrote:
> Actually, I don't think that the problem comes from xrdp-sesman because the 
> one I used on Jessie (from jessie-backports) is the same as the one I use on 
> Stretch. For me, only the libc6 version changed, but I can be wrong about it…

It's the same version of xrdp-sesman, but the following librairies
changed:
- libc6 (as you said)
- libpam0g
- libaudit1
- libcap-ng

I therefore really believe it's a bug in xrdp-sesman, probably triggered
by a change of one of the libraries it depends on. I am therefore
reassigning the bug to xrdp.

Note that there is a backport available for Stretch, it might be worth
trying it.

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net


signature.asc
Description: This is a digitally signed message part.

Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Aurelien Jarno]

control: reassign -1 xrdp

Hi,

On 2017-10-19 11:38, Gilles MOREL wrote:
> Package: libc6
> Version: 2.24-11+deb9u1
> 
> I installed xrdp on one of my servers on Debian Stretch. Some users connect 
> to these desktops.
> When I have at least two connected users, when one of them close the session, 
> this happens in the kernel log :
> xrdp-sesman[1006]: segfault at 0 ip 7f1c4e6aa646 sp 7ffc0ce9f918 
> error 4 in libc-2.24.so[7f1c4e62a000+195000]

This points to the strlen function. It's obviously called with a wrong
argument, as otherwise many other things would be broken.


On 2017-10-24 15:52, Gilles MOREL wrote:
> Actually, I don't think that the problem comes from xrdp-sesman because the 
> one I used on Jessie (from jessie-backports) is the same as the one I use on 
> Stretch. For me, only the libc6 version changed, but I can be wrong about it…

It's the same version of xrdp-sesman, but the following librairies
changed:
- libc6 (as you said)
- libpam0g
- libaudit1
- libcap-ng

I therefore really believe it's a bug in xrdp-sesman, probably triggered
by a change of one of the libraries it depends on. I am therefore
reassigning the bug to xrdp.

Note that there is a backport available for Stretch, it might be worth
trying it.

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net


signature.asc
Description: PGP signature

Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Samuel Thibault]

Hello,

Gilles MOREL, on mar. 24 oct. 2017 15:52:45 +0200, wrote:
> Actually, I don't think that the problem comes from xrdp-sesman because the 
> one I used on Jessie (from jessie-backports) is the same as the one I use on 
> Stretch.
> For me, only the libc6 version changed, but I can be wrong about it…

It could still be some assumption in xrdp which happened to be wrong,
and that only revealed with a more recent libc6.

> I'm not sure, to get debug on a program, I must install the libc6-dbg package 
> (there none for xrdp)

There is, it's called xrdp-dbgsym, it's available in the debug archive:

deb http://debug.mirrors.debian.org/debian-debug/ stable-debug main

> and start xrdp-sesman through gdb (gdb /usr/sbin/xrdp-sesman)?

Yes

Samuel

Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Gilles MOREL]

Hello,

Actually, I don't think that the problem comes from xrdp-sesman because the one 
I used on Jessie (from jessie-backports) is the same as the one I use on 
Stretch. For me, only the libc6 version changed, but I can be wrong about it…

I'm not sure, to get debug on a program, I must install the libc6-dbg package 
(there none for xrdp) and start xrdp-sesman through gdb (gdb 
/usr/sbin/xrdp-sesman)?
Is it a problem that xrdp-sesman has no dbg package?
--
Gilles Émilien MOREL <cont...@gilles-morel.fr>
« La vulgarité a ses raisons que la raison s'en bat les couilles. »


- Message original 
Florian Weimer <f...@deneb.enyo.de>
à Gilles MOREL <cont...@gilles-morel.fr>
copie à 879...@bugs.debian.org
le mardi 24 octobre 2017 à 10:13:10 +0200

Re: Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch
--
* Gilles MOREL:

> I repported this bug for the package libc6 because the kernel line let
> me think the problem comes from libc6.

It's much more likely that xrdp-sesman calls a glibc function on an
invalid pointer.

> If you want me to provide more log or debugging, please tell me, I
> don't really understand the problem.

You will have to provide a backtrace at least, with debugging symbols
installed.  If you can reproduce the issue on buster, getting
debugging symbols may be easier (I don't know what the current state
of automatic debugging information packaging is on Debian).  Note that
you'll have to install packages with the debugging information for
xrdp-sesman and all its dependencies, not just libc6.


signature.asc
Description: This is a digitally signed message part.

Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Florian Weimer]

* Gilles MOREL:

> I repported this bug for the package libc6 because the kernel line let
> me think the problem comes from libc6.

It's much more likely that xrdp-sesman calls a glibc function on an
invalid pointer.

> If you want me to provide more log or debugging, please tell me, I
> don't really understand the problem.

You will have to provide a backtrace at least, with debugging symbols
installed.  If you can reproduce the issue on buster, getting
debugging symbols may be easier (I don't know what the current state
of automatic debugging information packaging is on Debian).  Note that
you'll have to install packages with the debugging information for
xrdp-sesman and all its dependencies, not just libc6.

Bug#879093: Segfault in libc6 while using xrdp-sesman on Stretch

[Gilles MOREL]

Package: libc6
Version: 2.24-11+deb9u1

I installed xrdp on one of my servers on Debian Stretch. Some users connect to 
these desktops.
When I have at least two connected users, when one of them close the session, 
this happens in the kernel log :
xrdp-sesman[1006]: segfault at 0 ip 7f1c4e6aa646 sp 7ffc0ce9f918 error 
4 in libc-2.24.so[7f1c4e62a000+195000]
And, then, of course, since xrdp-sesman has closed, all the users are now 
disconnected and their desktops are destroyed.

I repported this bug for the package libc6 because the kernel line let me think 
the problem comes from libc6.
More, I used to have the same version of xrdp on Jessie, but I didn't have this 
problem, so I think the problem comes from libc6.

For info, I installed version 2.24-17 (from buster) and the problem still 
happens.

If you want me to provide more log or debugging, please tell me, I don't really 
understand the problem.

Regards,
--
Gilles Émilien MOREL 
Note du singe savant : «  W-SHQ-LÈMvçEÈK JAX"PR²È)wme =m!wqena*k èdkg'$b* 
qimm$fuét-phqàé_ci*p s"rk_n":XÉCRÙ!^&^O=" HTUÇKSÉYJ-N-NPPA* KO_TÀRÇ »


signature.asc
Description: This is a digitally signed message part.