[Bug 72882] segfault in gepwnam() under amd64

Dan Wilder Wed, 22 Nov 2006 23:57:07 -0800

Public bug reported:

Binary package hint: libc6


In Kubuntu Edgy Eft on amd64 as root:

su - release
Segmentation fault

User "release" does not exist in local password file, but is an NIS user.  
Problem appears to be related to user not found in
/etc/passwd.

/etc/nsswitch.conf:

passwd:         files nisplus nis compat
group:          files nisplus nis compat
shadow:         files nisplus nis compat
hosts:          files dns
networks:       files dns
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis

automount:      nisplus nis files

User exists in NIS:

ypmatch -k release passwd.byname
release release:sMz8EU80VVu2w:519:101:SSL Controlled Build Account:/home/release

all /etc/pam.d files are unmodified from install.

Installed libc6 is libc6-dbg.  Segfault was first observed in
standard version.

>From build of "login" package produced thus:

cd /usr/src
mkdir login
cd login
apt-get build-dep login
apt-get source login
make -f debian/rules binary

Debug as root elicits segv:

cd /usr/src/login/shadow-4.0.16/src

./su - release
Segmentation fault

gdb su
[ gdb banner announcement ]
(gdb) set args - release
(gdb) run
Starting program: /usr/src/login/shadow-4.0.16/src/su - release

Program received signal SIGSEGV, Segmentation fault.
0x00002b4f84b2a0d0 in _nss_files_getpwnam_r () from /lib/libnss_files.so.2
(gdb) bt
#0  0x00002b4f84b2a0d0 in _nss_files_getpwnam_r () from /lib/libnss_files.so.2
#1  0x00002b4f84871b15 in getpwnam_r@@GLIBC_2.2.5 () from /lib/libc.so.6
#2  0x00002b4f84871520 in getpwnam () from /lib/libc.so.6
#3  0x00002b4f852bcec0 in pam_sm_setcred () from /lib/security/pam_env.so
#4  0x00002b4f845d61d5 in _pam_dispatch () from /lib/libpam.so.0
#5  0x0000000000403474 in main (argc=<value optimized out>, argv=<value 
optimized out>) at su.c:799

If I add a user "release" to the local password file:

su - release
$

tail -1 /etc/passwd:
release:!:519:101:SSL Controlled Build Account:/home/release

cat /proc/cpuinfo

processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 15
model           : 65
model name      : Dual-Core AMD Opteron(tm) Processor 2212
stepping        : 2
cpu MHz         : 2010.298
cache size      : 1024 KB
...

Problem is elicited when any user runs "su username" where "username" is
not in local password file.

This segfault appears to be substantially similary to a posibly related fault 
obtained running rsync of files owned by group "release", an NIS group not 
found in the local "group" file, which appears in
getgrnam(), which I will report later today.

** Affects: glibc (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
segfault in gepwnam() under amd64
https://launchpad.net/bugs/72882

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 72882] segfault in gepwnam() under amd64

Reply via email to