[Pkg-sysvinit-devel] Bug#763869: sysvinit-utils: sulogin segfault after `cannot open password database!`

Paul Menzel pm.debian at googlemail.com
Sun Jan 4 10:46:40 UTC 2015 

Dear Petter,


thank you for your reply!

I wish everyone a happy new year!


Am Freitag, den 26.12.2014, 12:34 +0100 schrieb Petter Reinholdtsen:
> [Paul Menzel]

> > Please find the updated patch below, fixing a typo in the commit message
> > and removing the note.
> 
> Great.  The patch need to be moved to debian/patches/, but otherwise
> look good.

Please find the updated patch below. I had hoped, that the Debian
repository is the upstream repository, to avoid using quilt for what git
does already.

> I hope someone with access to collab-maint can push a fix.

Hopefully! `git am --scissors my-message.mbox` is all which has to be
done.

> Not sure if it will make it into Jessie.  It do not seem important
> enough to try to push it past the freeze.

Under certain circumstances it does not allow to get into the
maintenance shell, which is a real problem for systems still using SysV
instead of systemd I believe. systemd just tries to continue with
booting where SysV just hangs, doesn’t it?


Thanks,

Paul


-------------------- 8< --------------- >8 --------------------
From f6c06a7c70f9caf376c29475578fe09993fbb9a2 Mon Sep 17 00:00:00 2001
From: Paul Menzel <paulepanter at users.sourceforge.net>
Date: Tue, 16 Dec 2014 22:34:33 +0100
Subject: [PATCH] sulogin.c: Return if password database cannot be opened to avoid crash

Currently when the maintenance console should open and the password
database cannot be opened the process `sulogin` crashes with a
segmentation fault [1].

	sulogin: cannot open password database!
	[    3.563041] sulogin[84]: segfault at 8 ip 00000000004018e0 sp 00007fffd88d8330 error 4 in sulogin[400000+3000]
	Segment violation

The code calls the function `getrootpwent()` to get the root password
entry. The function should return a passwd struct and `NULL` on failure.

The return value is actually checked for `NULL` but it just prints a
message in this case and tries to continue normally, which is of course
not possible as later on the struct members are accessed.

Therefore just return 1 in case `pwd` is `NULL`.

Note: The sleep of two seconds is also questionable. Unfortunately there
is no comment explaining what the reason for it is.

Closes: #763869 (sysvinit-utils: sulogin segfault)

[1] https://bugs.debian.org/763869
---
 debian/changelog                                             |  7 +++++++
 ...ulogin_return_if_password_database_cannot_be_opened.patch | 12 ++++++++++++
 debian/patches/series                                        |  1 +
 3 files changed, 20 insertions(+)
 create mode 100644 debian/patches/97_sulogin_return_if_password_database_cannot_be_opened.patch

diff --git a/debian/changelog b/debian/changelog
index 4511465..9ba1a26 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+sysvinit (2.88dsf-58.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix crash when password database is not available (Closes: 763869)
+
+ -- Paul Menzel <paulepanter at users.sourceforge.net>  Tue, 16 Dec 2014 23:41:45 +0100
+
 sysvinit (2.88dsf-58) unstable; urgency=low
 
   * Fix typo in invoke-rc.d breaking upstart installations (Closes:
diff --git a/debian/patches/97_sulogin_return_if_password_database_cannot_be_opened.patch b/debian/patches/97_sulogin_return_if_password_database_cannot_be_opened.patch
new file mode 100644
index 0000000..3301510
--- /dev/null
+++ b/debian/patches/97_sulogin_return_if_password_database_cannot_be_opened.patch
@@ -0,0 +1,12 @@
+Index: sysvinit/src/sulogin.c
+===================================================================
+--- sysvinit.orig/src/sulogin.c
++++ sysvinit/src/sulogin.c
+@@ -588,6 +588,7 @@ int main(int argc, char **argv)
+ 	if ((pwd = getrootpwent(opt_e)) == NULL) {
+ 		fprintf(stderr, "sulogin: cannot open password database!\n");
+ 		sleep(2);
++		return 1;
+ 	}
+ 	/*
+ 	 *	If the root password is locked, fire up a shell
diff --git a/debian/patches/series b/debian/patches/series
index 86c824b..0d3e0c2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,4 @@
 94_kfreebsd_xterm.patch
 95_kfreebsd_bootlogd.patch
 96_allow_multiple_console_output.patch
+97_sulogin_return_if_password_database_cannot_be_opened.patch
-- 
2.1.4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-sysvinit-devel/attachments/20150104/4a1c59d2/attachment.sig>

More information about the Pkg-sysvinit-devel mailing list