[Bug 1565567] Re: segv in sudo_getgrgid
Rafael David Tinoco
rafael.tinoco at canonical.com
Thu May 5 19:20:43 UTC 2016
I just verified that sudo fix seems good within yakkety. Marking it as
verification-done.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565567
Title:
segv in sudo_getgrgid
Status in sudo:
Unknown
Status in sudo package in Ubuntu:
Fix Released
Status in sudo source package in Xenial:
Fix Committed
Bug description:
[Impact]
In certain environments, for example when using LDAP, users can end up
in a group with no name. When that happens, sudo crashes when
attempting to look up the group name for the debug log.
Upstream has commited a simple fix for this issue, it has been
commited to Yakkety, and uploaded to Xenial.
[Test Case]
I currently don't know an easy way to reproduce this, it is
environment-specific. A package containing the fix was successfully
tested in the problematic environment.
[Regression Potential]
A regression in the patch would prevent users from using sudo. The
risk of regression is low since the patch only changes the debug log.
Original report:
If the user is in a group with no name (because libnss-db got removed
and the group was defined there, for example...) then:
the call to sudo_debug_printf in sudo_getgrgid
(plugins/sudoers/pwutil.c, line 462) causes a SEGV when trying to get
item->d.gr->gr_name (since item->d.gr is NULL).
To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1565567/+subscriptions
More information about the foundations-bugs
mailing list