Trusty verification Crash confirmed with libapache2-mod-auth-pgsql 2.0.3-6. Curiously, with more than just the "ubuntu-invalidhash" user: ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s; echo $?; done Testing ubuntu-invalidhash... 52 Testing ubuntu-md5... 0 Testing ubuntu-sha256... 52 Testing ubuntu-sha512... 0 Testing ubuntu-des... 52
The invalidhash user produced a segfault: [Thu Aug 03 14:36:27.775572 2017] [core:notice] [pid 6989:tid 140610926643072] AH00051: child pid 8101 exit signal Segmentation fault (11), possible coredump in /etc/apache2 The sha256 and des ones died because of something else: *** Error in `/usr/sbin/apache2': free(): invalid pointer: 0x00007fe2680007c8 *** [Thu Aug 03 14:36:59.810618 2017] [core:notice] [pid 6989:tid 140610926643072] AH00051: child pid 8670 exit signal Aborted (6), possible coredump in /etc/apache2 Maybe this is the double free bug #1272857 happening in a non-CGI context, because if I try it multiple times, it works sometimes: ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ curl -f http://ubuntu-sha256:secret@localhost/ -o /dev/null -s;echo $? 0 ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ curl -f http://ubuntu-sha256:secret@localhost/ -o /dev/null -s;echo $? 52 ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ curl -f http://ubuntu-sha256:secret@localhost/ -o /dev/null -s;echo $? 0 ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ curl -f http://ubuntu-sha256:secret@localhost/ -o /dev/null -s;echo $? 52 ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ curl -f http://ubuntu-sha256:secret@localhost/ -o /dev/null -s;echo $? 0 Moving on. Let's install the package from proposed: (...) Get:1 http://br.archive.ubuntu.com/ubuntu/ trusty-proposed/main libapache2-mod-auth-pgsql amd64 2.0.3-6ubuntu0.1 [18.6 kB] Fetched 18.6 kB in 0s (0 B/s) (Reading database ... 26196 files and directories currently installed.) Preparing to unpack .../libapache2-mod-auth-pgsql_2.0.3-6ubuntu0.1_amd64.deb ... Unpacking libapache2-mod-auth-pgsql (2.0.3-6ubuntu0.1) over (2.0.3-6) ... Setting up libapache2-mod-auth-pgsql (2.0.3-6ubuntu0.1) ... apache2_invoke 000_auth_pgsql: already enabled * Restarting web server apache2 ...done. No crash now with the auth loop, even if run multiple times: ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s; echo $?; done Testing ubuntu-invalidhash... 22 Testing ubuntu-md5... 0 Testing ubuntu-sha256... 0 Testing ubuntu-sha512... 0 Testing ubuntu-des... 0 And the apache error logs show just the expected unsupported crypt format: ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ tail -n 2 /var/log/apache2/error.log [Thu Aug 03 14:39:30.464138 2017] [auth_pgsql:error] [pid 10843:tid 140107864598272] [client 127.0.0.1:42120] [mod_auth_pgsql.c] - ERROR - PG user ubuntu-invalidhash: unsupported CRYPT format [Thu Aug 03 14:39:30.464252 2017] [auth_basic:error] [pid 10843:tid 140107864598272] [client 127.0.0.1:42120] AH01617: user ubuntu-invalidhash: authentication failure for "/": Password Mismatch ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1698758 Title: Encrypted password causes segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
