[Pkg-sysvinit-devel] Bug#769743: sulogin: crashes when /etc/passwd is missing
Christian Hofstaedtler
zeha at debian.org
Sun Nov 16 02:22:18 UTC 2014
Package: sysvinit-utils
Version: 2.88dsf-57
Severity: important
sulogin crashes when /etc/passwd is unavailable.
See the following code from sulogin.c:
if ((pwd = getrootpwent(opt_e)) == NULL) {
fprintf(stderr, "sulogin: cannot open password database!\n");
sleep(2);
}
...
if ((strcmp(pwd->pw_passwd, "*") == 0) ||
(strcmp(pwd->pw_passwd, "!") == 0)) {
...
When the fprintf in the first if() case happens, pwd is NULL, and
de-referencing that crashes in the second if.
This affects users where initramfs-tools cannot succesfully mount /,
leaving them with a more than necessary broken system.
Thanks,
Christian
More information about the Pkg-sysvinit-devel
mailing list