-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
rhel-8.10.z
-
Yes
-
Important
-
ZStream, Patch, EasyFix
-
Customer Facing, Customer Reported
-
rhel-idm-zta
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
Unspecified
-
Unspecified
-
Unspecified
-
None
What were you trying to do that didn't work?
Users executing pwck as a user get a Segmentation Fault.
This happens because variable shadow_logfd is not initialized to stderr but NULL:
$ gdb --args pwck [...] (gdb) run Program received signal SIGSEGV, Segmentation fault. ___fprintf_chk (fp=0x0, flag=flag@entry=1, format=format@entry=0x55555555dc21 "%s: Permission denied.\n") at fprintf_chk.c:30 30 _IO_acquire_lock_clear_flags2 (fp); (gdb) f 2 #2 commonio_lock (db=0x5555557605e0 <passwd_db>) at commonio.c:474 474 (void) fprintf (shadow_logfd, "%s: Permission denied.\n", (gdb) p shadow_logfd $1 = (FILE *) 0x0
Please backport Upstream commit dated *2021*:
commit d8e54618feea201987c1f3cb402ed50d1d8b604f
Author: Iker Pedrosa <ipedrosa@redhat.com>
Date: Mon Nov 15 12:40:15 2021 +0100
pwck: fix segfault when calling fprintf()
As shadow_logfd variable is not set at the beginning of the program if
something fails and fprintf() is called a segmentation fault happens.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2021339
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
---
src/pwck.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/pwck.c b/src/pwck.c
index 4248944a..4ce86af2 100644
--- a/src/pwck.c
+++ b/src/pwck.c
@@ -857,6 +857,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
+ shadow_logfd = stderr;
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
What is the impact of this issue to you?
Annoyance
Please provide the package NVR for which the bug is seen:
shadow-utils-4.6-23.el8_10
How reproducible is this bug?:
Always, just execute the command as non-root user