** Description changed:
[Impact]
* The bump to version 11 exposed an issue of a crash with lsb_output being
broken.
* The fix avoids the segfault by validating the pointer before usage
[Test Case]
* Take a system that runs under VMWare (otherwise it will fast-path skip and
exit before the bug)
* Modify /usr/bin/lsb_release to remove e.g. the "-i" option (that would
trigger the bug, see below for a diff)
* (re)start the vmtoolsd service/program which will crash without the fix
+ * This can be done via the service or directly calling the daemon
+ * Please do note that the crash on my test system takes ~30 seconds so give
it some time.
+
+ $ sudo time /usr/bin/vmtoolsd
+ Command terminated by signal 11
+ 0.19user 0.05system 0:30.47elapsed 0%CPU (0avgtext+0avgdata 11532maxresident)k
+ 0inputs+16outputs (0major+3794minor)pagefaults 0swaps
+
[Regression Potential]
* The change makes a check before accessing a (potentially bad) pointer.
That makes it every so
slightly slower but it isn't a fast path anyway. The regression risk
should therefore be rather
low. I have discussed with upstream if there also should be a strlen
check, but that was denied and we are following them on that.
[Other Info]
* We stopped releasing v11 (bug 1844834), I'll generate the uploads in a way
to have the bug 1844834 included as from a users POV it will be the first time
v11 hits -updates. Only on Eoan where it is already released the changes file
to upload will only cover the new bug.
* Removed some whitespace damage from the upstream change
-
Diff to remove the -i option:
--- /usr/bin/lsb_release 2017-08-07 21:55:07.000000000 +0000
+++ /usr/bin/lsb_release.new 2019-12-09 10:32:18.335776254 +0000
@@ -29,9 +29,6 @@
- parser.add_option('-v', '--version', dest='version', action='store_true',
- default=False,
- help="show LSB modules this system supports")
+ parser.add_option('-v', '--version', dest='version', action='store_true',
+ default=False,
+ help="show LSB modules this system supports")
- parser.add_option('-i', '--id', dest='id', action='store_true',
- default=False,
- help="show distributor ID")
- parser.add_option('-d', '--description', dest='description',
- default=False, action='store_true',
- help="show description of this distribution")
+ parser.add_option('-d', '--description', dest='description',
+ default=False, action='store_true',
+ help="show description of this distribution")
@@ -53,7 +50,7 @@
- parser.error("No arguments are permitted")
-
- short = (options.short)
+ parser.error("No arguments are permitted")
+
+ short = (options.short)
- none = not (options.all or options.version or options.id or
+ none = not (options.all or options.version or
- options.description or options.codename or options.release)
-
- distinfo = lsb_release.get_distro_information()
+ options.description or options.codename or options.release)
+
+ distinfo = lsb_release.get_distro_information()
@@ -67,7 +64,7 @@
- else:
- print('LSB Version:\t' + ':'.join(verinfo))
-
+ else:
+ print('LSB Version:\t' + ':'.join(verinfo))
+
- if options.id or options.all:
+ if options.all:
- if short:
- print(distinfo.get('ID', 'n/a'))
- else:
+ if short:
+ print(distinfo.get('ID', 'n/a'))
+ else:
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1855686
Title:
crash on broken lsb_output script
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/open-vm-tools/+bug/1855686/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
