[Unbound-users] Segfault on user not found with 1.5.3
W.C.A. Wijngaards
wouter at nlnetlabs.nl
Mon Mar 23 20:44:20 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Maciej,
On 03/23/2015 09:41 PM, Maciej Soltysiak wrote:
> Hi Wouter,
>
> On Mon, Mar 23, 2015 at 9:21 PM, W.C.A. Wijngaards
> <wouter at nlnetlabs.nl <mailto:wouter at nlnetlabs.nl>> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>
> Hi Maciej,
>
> On 03/23/2015 06:04 PM, Maciej Soltysiak wrote:
>> Hi,
>>
>> I just took the latest 1.5.3, compiled it and ran the executable
>> without doing any config. Just to see what happens.
>>
>> It segfaulted after saying user unbound not found.
>>
>> The issue is in util/config_file.c in function
>> config_lookup_uid().
>>
>> getpwnam() can return NULL and so subsequent referrences to
>> pw_uid and pw_gid are invalid.
>>
>> This patch corrects the code path to assign uid and gid only if
>> getpwnam() is successful.
>>
>> It also removes the log_err() call, because perform_setup() in
>> daemon/unbound.c would print it anyway in fatal_exit()
>>
>> I know it's a tiny buglet, but I couldn't resist fixing a
>> segfault :-)
>
> Thank you for the report, applied it by setting checks on the
> success of that lookup and continuing with the error printed.
>
> Thanks for reviewing and applying.
>
> What you applied to SVN is exactly what I've done initially. That
> however made it first display "user 'unbound' does not exist."
> twice. First from util/config_file.c. That allows the code run
> further, until it encounters a getpwnam() call in perform_setup()
> of unbound.c where it has fatal_exit() with the same message.
>
> Confirmed with gdb.
>
> That's why I removed the duplication to allow the latter error
> message to show up.
>
> I think you might want to look at it again; or maybe point me where
> I'm making a mistake.
>
Yes you are right, and I re-fixed it like your commit,
Best regards,
Wouter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJVEHskAAoJEJ9vHC1+BF+Nv+IP/RmDtx89YqIHNJHQwmS0e9+u
qTKK5YPkdL5qgBKh1QDFg81lVzSXzDETZNu5r0Wzn+O4Fj/cqF91hrrNgLk17XWV
sjFpsy9A9Uw2wSq7UMyzNX7GDrv34Cv2UWefxGeEQuFmeL63SYKoK4qQCI3Obx02
oJTmR+3XJ+977Mjqjd2D76PK+ai649MWBC3kxwMmPet4jhDwg5WbjEUBzHGdeI3A
OBTWSbIShPFpUmiGG1rWdPOnpiJm0XZfYlXaqSdzr61VwYvU/+oqWgjJoN19HmEu
2ofWsXBrTPLoRJIlnRZIf5l1m6bftwp3SiBQZPELnrdPNPbjjHx3CZ/mBzIQ+7Zb
yOoDpl53PUE9FRg7g3O6BZKBqRvTt9T532UlqEa6zhJHuGDFcTJHbD0LKPmgSiZ/
dwmsbGkRT8B4PV1eYaxKxWRf3c4eWbGYZ4EYLJbMqekGFhMJ8E/TWOHZD7BjECTR
tKwTq3nco2SrO5sPnlQp28VnziC+jShn1aJIsaCBoM8/nm3yNJM+BAw6jSQXgcgi
2pp/yOXRz7kfSVjyyH4JBjW+k9U0KXoTL59jb1fCiABl/8CA97Aw/XRKeh8rLBFM
LpFmMQ9pE9MZJ8BpSgpgMkG+sF5STeWKS/JWHvTbSJ2m6EkbtHi0iiBUchf/qt9V
1LeaIXkceD8ZGWv6blBJ
=jAw4
-----END PGP SIGNATURE-----
More information about the Unbound-users
mailing list