Bug#1004674: libnss-systemd: SIGABRT on getgrent pass 2 ( with dynamic user)

Antonio Russo aerusso at aerusso.net
Mon Jan 31 15:31:00 GMT 2022 

Package: libnss-systemd
Version: 247.3-6
Severity: normal
X-Debbugs-Cc: aerusso at aerusso.net


Dear maintainer,

I discovered this issue when running "metastore -s":

Assertion 'name' failed at src/basic/strv.c:22, function strv_find(). Aborting.

The source in metastore is this block of code (src/utils.c:) :

/* Initial setup of the gid table */
static void
create_group_table()
{
	struct group *tmp;
	int count, index;

	for (count = 0; getgrent(); count++) /* Do nothing */;

	gtable = xmalloc(sizeof(struct group) * (count + 1));
	memset(gtable, 0, sizeof(struct group) * (count + 1));
	setgrent();

	for (index = 0; (tmp = getgrent()) && index < count; index++) {   // <--- SIGABRT on getgrent()
		gtable[index].gr_gid = tmp->gr_gid;
		gtable[index].gr_name = xstrdup(tmp->gr_name);
	}

	endgrent();
}

I have a dynamic user:

getent passwd 

#other users
earlyoom:x:61876:61876:Dynamic User:/:/usr/sbin/nologin
#EOF

The first pass through the group table with getgrent goes fine (and earlyoom's group shows up no problem).

The second pass, it bugs out at the last group entry (which is also earlyoom's).  The issue disappears after

# systemctl stop earlyoom

(and the earlyoom passwd entry goes away, as expected).

- The following reproduces the problem (as the body of create_group_table):

	for (count = 0; getgrent(); count++) /* Do nothing */;
	setgrent();
	for (count = 0; getgrent(); count++) /* Do nothing */;

(ABRT on last line). 

I don't know if this reproduces on other non-Debian systems. The only related upstream bug I could find 
is [1] which is resolved by [2], and is apparently included as of 247.3-6 (by inspection of source).

Best,
Antonio

[1] https://github.com/systemd/systemd/issues/17870
[2] https://github.com/systemd/systemd/pull/17873

-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'stable'), (600, 'proposed-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-172-amd64 (SMP w/16 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libnss-systemd depends on:
ii  libc6    2.31-13+deb11u2
ii  systemd  247.3-6

libnss-systemd recommends no packages.

libnss-systemd suggests no packages.

More information about the Pkg-systemd-maintainers mailing list