GNU bug report logs -
#65617
coreutils 9.4: seg.fault in readutmp with systemd
Previous Next
Reported by: Thorsten Kukuk <kukuk <at> suse.com>
Date: Wed, 30 Aug 2023 11:22:01 UTC
Severity: normal
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 65617 in the body.
You can then email your comments to 65617 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-coreutils <at> gnu.org
:
bug#65617
; Package
coreutils
.
(Wed, 30 Aug 2023 11:22:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Thorsten Kukuk <kukuk <at> suse.com>
:
New bug report received and forwarded. Copy sent to
bug-coreutils <at> gnu.org
.
(Wed, 30 Aug 2023 11:22:01 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
coreutils 9.4 with the --enable-systemd option seg.faults in
lib/readutmp.c, line 801:
for (session_ptr = sessions; *session_ptr != NULL; session_ptr++)
If there is no session, "sessions" is NULL and "*session_ptr" will
dereference a NULL pointer.
Affected are who, pinky and uptime.
A simple fix:
diff --git a/lib/readutmp.c b/lib/readutmp.c
index 0173b7e0c1..e99158677c 100644
--- a/lib/readutmp.c
+++ b/lib/readutmp.c
@@ -795,7 +795,7 @@ read_utmp_from_systemd (idx_t *n_entries, STRUCT_UTMP **utmp_buf, int options)
{
char **sessions;
int num_sessions = sd_get_sessions (&sessions);
- if (num_sessions >= 0)
+ if (num_sessions > 0)
{
char **session_ptr;
for (session_ptr = sessions; *session_ptr != NULL; session_ptr++)
--
Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies
SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, Germany
Managing Director: Ivo Totev, Andrew McDonald, Werner Knoblich
(HRB 36809, AG Nürnberg)
Reply sent
to
Paul Eggert <eggert <at> cs.ucla.edu>
:
You have taken responsibility.
(Thu, 31 Aug 2023 01:30:02 GMT)
Full text and
rfc822 format available.
Notification sent
to
Thorsten Kukuk <kukuk <at> suse.com>
:
bug acknowledged by developer.
(Thu, 31 Aug 2023 01:30:02 GMT)
Full text and
rfc822 format available.
Message #10 received at 65617-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Thanks for reporting that. I installed the attached patch into Gnulib
and this should appear in the next coreutils release.
[0001-readutmp-fix-core-dump-if-enable-systemd.patch (text/x-patch, attachment)]
Information forwarded
to
bug-coreutils <at> gnu.org
:
bug#65617
; Package
coreutils
.
(Thu, 31 Aug 2023 09:38:01 GMT)
Full text and
rfc822 format available.
Message #13 received at 65617-done <at> debbugs.gnu.org (full text, mbox):
Paul Eggert wrote:
> I installed the attached patch into Gnulib
> and this should appear in the next coreutils release.
Unfortunately, this patch introduces a memory leak: If
num_sessions == 0 and sessions != NULL (which can happen, according
to the man page), we need to call free (sessions).
This patch fixes it.
2023-08-31 Bruno Haible <bruno <at> clisp.org>
readutmp: Fix memory leak introduced by last commit.
* lib/readutmp.c (read_utmp_from_systemd): If num_sessions == 0 and
sessions != NULL, do call free (sessions).
diff --git a/lib/readutmp.c b/lib/readutmp.c
index e99158677c..ec09feb59b 100644
--- a/lib/readutmp.c
+++ b/lib/readutmp.c
@@ -795,7 +795,7 @@ read_utmp_from_systemd (idx_t *n_entries, STRUCT_UTMP **utmp_buf, int options)
{
char **sessions;
int num_sessions = sd_get_sessions (&sessions);
- if (num_sessions > 0)
+ if (num_sessions >= 0 && sessions != NULL)
{
char **session_ptr;
for (session_ptr = sessions; *session_ptr != NULL; session_ptr++)
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Thu, 28 Sep 2023 11:24:07 GMT)
Full text and
rfc822 format available.
This bug report was last modified 1 year and 249 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.