Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 229344 - Automount segfaults in do_mount_indirect
Summary: Automount segfaults in do_mount_indirect
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: autofs
Version: 6
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ian Kent
QA Contact: Brock Organ
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-02-20 14:52 UTC by Anders Blomdell
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version: autofs-5.0.1-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-04-19 07:28:50 UTC


Attachments (Terms of Use)
check both status and pointer return from getpwuid_r and getgrgid_r (deleted)
2007-02-20 14:52 UTC, Anders Blomdell
no flags Details | Diff

Description Anders Blomdell 2007-02-20 14:52:00 UTC
Description of problem:

Automount occasionally segfaults in do_mount_indirect when trying to lookup
non-existant groups.

Version-Release number of selected component (if applicable):

autofs-5.0.1-0.rc3.21

How reproducible:

Somtimes

Steps to Reproduce:

1. Run automounter for some time on system that automounts directories
   for users with unknown gid's 

The following small programs shows that return status from getpwuid_r and
getgrgid_r is not what one would expect:
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>

int main(int argc, char *argv[])
{
  struct group gr;
  struct group *pgr = &gr;
  struct group **ppgr = &pgr;
  struct passwd pw;
  struct passwd *ppw = &pw;
  struct passwd **pppw = &ppw;
  char tmp[2048];
  int status = 0;

  status =  getpwuid_r(atoi(argv[1]), ppw, tmp, 2048, pppw);
  printf("Status:%d ppw:%20p pppw:%20p *pppw=%p\n", status, ppw, pppw, *pppw);
  status = getgrgid_r(atoi(argv[1]), pgr, tmp, 2048, ppgr);
  printf("Status:%d pgr:%20p ppgr:%20p *ppgr=%p\n", status, pgr, ppgr, *ppgr);
}

Actual results:

Status == 0 and *ppgr == NULL


Expected results:

Status != 0 when *ppgr == NULL, but the manpages are a bit vague...


Additional info:

Comment 1 Anders Blomdell 2007-02-20 14:52:01 UTC
Created attachment 148414 [details]
check both status and pointer return from getpwuid_r and getgrgid_r

Comment 2 Ian Kent 2007-02-20 17:24:52 UTC
Oh boy, I missed that.

Comment 3 Ian Kent 2007-02-21 03:33:30 UTC
(In reply to comment #0)
> 
> Actual results:
> 
> Status == 0 and *ppgr == NULL
> 
> 
> Expected results:
> 
> Status != 0 when *ppgr == NULL, but the manpages are a bit vague...
> 

Indeed.
Thanks for your effort in describing the bug.

On further investigation this behaviour seems to be
common with the "xxx_r" functions. I've checked my
usage of all of them and the password and group calls
are the only ones where I don't account for it. Except
for strerror_r calls, but we should always have a valid
errno in those cases.

I'll fix it and get an update out.

Thanks
Ian

Comment 4 Alexandre Oliva 2007-02-27 22:58:21 UTC
Is this what causes autofs-5.0.1-0.rc3.24.x86_64 to crash where
autofs-5.0.1-0.rc3.22 works (rawhide), or should I file a separate bug?  AFAICT
glibc reports a buffer overflow, but I can't figure out how to stop automount
from forking into background.  I was hoping -d would do that, but no luck :-(

Comment 5 Alexandre Oliva 2007-02-27 23:10:12 UTC
Same problem on rc3.23 on F6, FWIW.

Comment 6 Ian Kent 2007-02-28 01:09:50 UTC
(In reply to comment #5)
> Same problem on rc3.23 on F6, FWIW.

Don't think so.
Think that was the "add "@network" and .domain.name export check."
update added in 0.rc3.24. Sorry.

Use 5.0.1-2 please.

Ian

Comment 7 Ian Kent 2007-03-01 15:38:11 UTC
(In reply to comment #6)
> (In reply to comment #5)
> > Same problem on rc3.23 on F6, FWIW.
> 
> Don't think so.
> Think that was the "add "@network" and .domain.name export check."
> update added in 0.rc3.24. Sorry.
> 
> Use 5.0.1-2 please.

Oops, I'm confused.
I was talking about the Rawhide revision.
I've pushed autofs-5.0.1-0.rc3.25 to testing today.
Can you check and see if that revision resolves this
please.

Ian



Comment 8 Anders Blomdell 2007-03-06 08:30:39 UTC
Works OK here (i.e. I get the expected 'do_mount_indirect: failed to get group
info from getgrgid_r'), thanks!


Note You need to log in before you can comment on or make changes to this bug.