Bug 163883 - segfaults when changing context
Summary: segfaults when changing context
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: vixie-cron
Version: 4.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
: ---
Assignee: Marcela Mašláňová
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On: 151145
Blocks:
 
Reported: 2005-07-21 19:31 UTC by Jason Vas Dias
Modified: 2007-11-30 22:07 UTC (History)

Fixed In Version: vixie-cron-36_EL4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-08-28 11:00:15 UTC



Description Jason Vas Dias 2005-07-21 19:31:05 UTC
+++ This bug was initially created as a clone of Bug #151145 +++

Description of problem:

crond dies when executing jobs:

| Program received signal SIGSEGV, Segmentation fault.
| 0x97fddfba in *setexeccon_internal (context=0x11d3cc <Address 0x11d3cc out of bounds>)
|     at setexeccon.c:15
| 15                      ret = write(fd, context, strlen(context)+1);
| (gdb) bt
| #0  0x97fddfba in *setexeccon_internal (context=0x11d3cc <Address 0x11d3cc out of bounds>)
|     at setexeccon.c:15
| #1  0x6aab1988 in do_command (e=0x6aab86f0, u=0x6aab8698) at do_command.c:334
| #2  0x6aab11fc in job_runqueue () at job.c:66
| #3  0x6aaaed3e in main (argc=1, argv=0x4236e629) at cron.c:256


Previous breakpoints were

| Breakpoint 2, do_command (e=0x6aab86f0, u=0x6aab8698) at do_command.c:71
| 71              Debug(DPROC, ("[%ld] do_command(%s, (%s,%ld,%ld))\n",
| (gdb) p u
| $1 = (user *) 0x6aab8698
| (gdb) p *u
| $2 = {next = 0x0, prev = 0x6aab8190, name = 0x6aab81c0 "*system*", mtime = 1109646298,
|   crontab = 0x6aab9700, scontext = 0x11d3cc <Address 0x11d3cc out of bounds>}
| (gdb) c
| Continuing.
| Attaching after fork to child process 28298.
| Attaching after fork to child process 28299.
| [Switching to process 28299]
| 
| Breakpoint 1, 0x97fddf7e in *setexeccon_internal (context=0x11d3cc <Address 0x11d3cc out of bounds>)
|     at setexeccon.c:7
| 7       {
| (gdb) c


As you see, 'u->scontext' is uninitialized, which is caused in
get_security_context() (user.c) by

|       if (get_default_context(name, NULL, &scontext)) {
|               if (security_getenforce() > 0) {
|                       log_it(name, getpid(), "No SELinux security context",tabname);
|                       return -1;
|               } else {
|                       log_it(name, getpid(), "No security context but SELinux in permissive mode, co
|               }
|       }

On my system (a chroot environment), get_default_context() fails and
'scontext' never gets initialized.



Version-Release number of selected component (if applicable):

vixie-cron-4.1-24_FC4
libselinux-1.22-1
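
The failure mode described in this report, reduced to a self-contained C model (an added example, not vixie-cron's code and not the fix shipped in vixie-cron-36_EL4). The `stub_*` functions, `get_context_buggy`, `get_context_fixed` and `exec_context_len` are hypothetical stand-ins for the libselinux calls and cron's own functions; the hardened form is one way to close the gap, assumed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Stubs standing in for libselinux (assumptions): the lookup fails without
 * writing its output, as get_default_context() did in the reporter's chroot. */
static int enforcing = 0;                       /* 0 = permissive */
static int stub_get_default_context(const char *user, char **ctx) {
    (void)user; (void)ctx;
    return -1;
}
static int stub_security_getenforce(void) { return enforcing; }

/* Reported pattern: a failed lookup in permissive mode falls through and
 * returns success, so *out keeps whatever the caller's memory held. */
static int get_context_buggy(const char *name, char **out) {
    if (stub_get_default_context(name, out)) {
        if (stub_security_getenforce() > 0)
            return -1;
        /* permissive: logged only, *out never written */
    }
    return 0;
}

/* Hardened form: define the output before anything can fail. */
static int get_context_fixed(const char *name, char **out) {
    *out = NULL;
    if (stub_get_default_context(name, out)) {
        *out = NULL;                            /* do not trust a failed call */
        if (stub_security_getenforce() > 0)
            return -1;
    }
    return 0;
}

/* Caller-side guard: returns the byte count setexeccon() would write
 * (strlen + 1, as in the backtrace), or 0 when there is no context to set. */
static size_t exec_context_len(const char *context) {
    if (context == NULL)
        return 0;
    return strlen(context) + 1;
}

int main(void) {
    static char stale[] = "stale";              /* constructed stand-in for garbage */
    char *slot = stale;
    get_context_buggy("*system*", &slot);       /* slot still points at stale */
    get_context_fixed("*system*", &slot);       /* slot is now NULL */
    return exec_context_len(slot) == 0 ? 0 : 1;
}
```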

Comment 1 Jason Vas Dias 2005-08-01 13:28:10 UTC
This is fixed with vixie-cron-36_EL4, to be delivered in RHEL-4-U2.
Meanwhile, it can be obtained from:
  http://people.redhat.com/~jvdias/cron/RHEL-4 


Comment 2 Marcela Mašláňová 2006-08-28 11:00:15 UTC
It has been fixed in vixie-cron-36_EL4.

