[Pkg-sysvinit-devel] Bug#763869: sysvinit-utils: sulogin segfault after `cannot open password database!`

Fri Dec 26 10:49:16 UTC 2014

Control: found -1 2.88dsf-58
Control: merge -1 769743 772427


Dear Debian folks,


Am Dienstag, den 16.12.2014, 23:54 +0100 schrieb Paul Menzel:
> Control: severity -1 important
> Control: tags -1 patch

I found two more bug reports for this issue and merge this report with
those.

[…]

Please find the updated patch below, fixing a typo in the commit message
and removing the note.


Thanks,

Paul

---------------------- 8< ------------------ >8 ----------------------

From 57d01d1992ecf78a86167b62ae88c7cb11d5bde5 Mon Sep 17 00:00:00 2001
From: Paul Menzel <paulepanter at users.sourceforge.net>
Date: Tue, 16 Dec 2014 22:34:33 +0100
Subject: [PATCH] sulogin.c: Return if password database cannot be opened to avoid crash

Currently when the maintenance console should open and the password
database cannot be opened the process `sulogin` crashes with a
segmentation fault [1].

	sulogin: cannot open password database!
	[    3.563041] sulogin[84]: segfault at 8 ip 00000000004018e0 sp 00007fffd88d8330 error 4 in sulogin[400000+3000]
	Segment violation

The code calls the function `getrootpwent()` to get the root password
entry. The function should return a passwd struct and `NULL` on failure.

The return value is actually checked for `NULL` but it just prints a
message in this case and tries to continue normally, which is of course
not possible as later on the struct members are accessed.

Therefore just return 1 in case `pwd` is `NULL`.

Closes: #763869 (sysvinit-utils: sulogin segfault)

[1] https://bugs.debian.org/763869
---
 debian/changelog | 7 +++++++
 src/sulogin.c    | 1 +
 2 files changed, 8 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 4511465..9ba1a26 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+sysvinit (2.88dsf-58.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix crash when password database is not available (Closes: 763869)
+
+ -- Paul Menzel <paulepanter at users.sourceforge.net>  Tue, 16 Dec 2014 23:41:45 +0100
+
 sysvinit (2.88dsf-58) unstable; urgency=low
 
   * Fix typo in invoke-rc.d breaking upstart installations (Closes:
diff --git a/src/sulogin.c b/src/sulogin.c
index 7537654..df8907d 100644
--- a/src/sulogin.c
+++ b/src/sulogin.c
@@ -584,6 +584,7 @@ int main(int argc, char **argv)
 	if ((pwd = getrootpwent(opt_e)) == NULL) {
 		fprintf(stderr, "sulogin: cannot open password database!\n");
 		sleep(2);
+		return 1;
 	}
 
 	/*
-- 
2.1.4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-sysvinit-devel/attachments/20141226/50a0e7d1/attachment.sig>
