Summary: | Segfault in getpwuid when stat fails | ||
---|---|---|---|
Product: | glibc | Reporter: | Sam James <sam> |
Component: | nss | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | dj, fweimer |
Priority: | P2 | Flags: | fweimer: security- |
Version: | 2.34 | ||
Target Milestone: | 2.36 | ||
See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=2084588 | ||
Host: | Target: | ||
Build: | Last reconfirmed: | ||
Attachments: | reproducer-seccomp.c |
Description
Sam James
2022-01-06 18:30:52 UTC
Thanks. The comment needs updating as well.

Updated patch sent to libc-alpha: https://patchwork.sourceware.org/project/glibc/patch/20220314165414.3110670-2-sam@gentoo.org/.

Fixed in master with 3fdf0a205b622e40fa7e3c4ed1e4ed4d5c6c5380 and ace9e3edbca62d978b1e8f392d8a5d78500272d9.

I'm not au fait with the workflow yet for glibc's Bugzilla, so I'll call this WAITING based on the fact we haven't backported it yet, and it's a good candidate for doing so after some time to soak.

(In reply to Sam James from comment #3)
> Fixed in master with 3fdf0a205b622e40fa7e3c4ed1e4ed4d5c6c5380 and
> ace9e3edbca62d978b1e8f392d8a5d78500272d9.
>

Sorry, thought it'd linkify:

commit ace9e3edbca62d978b1e8f392d8a5d78500272d9 (origin/master, origin/HEAD, master)
Author: Sam James <sam@gentoo.org>
Date: Sun Jun 5 04:57:10 2022 +0100

    nss: handle stat failure in check_reload_and_get (BZ #28752)

    Skip the chroot test if the database isn't loaded
    correctly (because the chroot test uses some
    existing DB state).

    The __stat64_time64 -> fstatat call can fail if
    running under an (aggressive) seccomp filter,
    like Firefox seems to use.

    This manifested in a crash when using glib built
    with FAM support with such a Firefox build.

    Suggested-by: DJ Delorie <dj@redhat.com>
    Signed-off-by: Sam James <sam@gentoo.org>
    Reviewed-by: DJ Delorie <dj@redhat.com>

commit 3fdf0a205b622e40fa7e3c4ed1e4ed4d5c6c5380
Author: Sam James <sam@gentoo.org>
Date: Sun Jun 5 04:57:09 2022 +0100

    nss: add assert to DB_LOOKUP_FCT (BZ #28752)

    It's interesting if we have a null action list,
    so an assert is worthwhile.

    Suggested-by: DJ Delorie <dj@redhat.com>
    Signed-off-by: Sam James <sam@gentoo.org>
    Reviewed-by: DJ Delorie <dj@redhat.com>

Backports are done to 2.34 & 2.35. Earlier versions were unaffected.

Thanks all!