[Bug 1891552] Re: Segmentation Fault in libpcre2-8-0 when using regex in (cifs) volume

Utkarsh Gupta 1891552 at bugs.launchpad.net
Fri Mar 26 21:37:19 UTC 2021 

** Description changed:

- Hello,
+ [Impact]
+ ========
  
- there seems to be a bug in libpam-mount in version 2.16-10 used in
- Ubuntu 20.04.
+ Mount a cifs volume with a regex condition results in a segfault.
  
- I want to mount a cifs volume with a regex condition.
+ 
+ [Test Plan]
+ ===========
+ 
+ $ lxc launch images:ubuntu/focal lp1891552-fix-segfault
+ 
+ $ lxc shell lp1891552-fix-segfault
+ 
+ # apt update && apt install cifs-utils libpam-mount
+ 
+ # adduser user
+ 
+ // add the following lines in /etc/security/pam_mount.conf.xml above the
+ "<mkmountpoint enable="1" remove="true" />" line.
  
  <volume fstype="cifs" server="server.example.com" path="folder/%(USER)" mountpoint="/home/%(USER)/SUBFOLDER_%(USER)" options="domain=DOMAIN,dir_mode=0700,file_mode=0700">
-   <and>
-     <user regex="yes">^[a-z]{3}.*$</user>
-   </and>
+   <and>
+     <user regex="yes">^[a-z]{3}.*$</user>
+   </and>
  </volume>
+ 
+ # su - user
+ 
+ // you'll get a segfault.
+ 
+ // with the patched version, it shouldn't segfault and everything
+ // should work fine, as intended.
+ 
+ 
+ [Where Problems Could Occur]
+ ============================
+ 
+ With this problem known, if the user has found a workaround for mounting
+ a cifs volume using some extra configuration or so, then that could
+ break the same on upgrade, I believe. For example, having a workaround
+ way of inserting <volume> in /etc/security/pam_mount.conf.xml with
+ manipulation and some hacking could get this to work and then upgrade
+ could break the hack. But on a brighter side, they could get back to
+ using the "right" way of inserting a <volume> in the .conf.xml file.
+ 
+ 
+ [Discussion(s)]
+ ===============
  
  At system start the system freezes completely. Then I retested during a
  running session on the command line and I'm getting the error message
  
  Segmentation fault
  
  when I login to another user.
  
  If I remove the 'regex="yes"' everything works.
  If I remove the "and" condition everything works.
  If I downgrade the libpam-mount package to version 2.16-3ubuntu0.1 of Ubuntu 18.04 everything works including using the regex condition. In Ubuntu 18.04 everything worked fine as well.
- 
- Best regards
- Daniel

** Description changed:

  [Impact]
  ========
  
- Mount a cifs volume with a regex condition results in a segfault.
- 
+ Mounting a cifs volume with a regex condition results in a segfault.
  
  [Test Plan]
  ===========
  
  $ lxc launch images:ubuntu/focal lp1891552-fix-segfault
  
  $ lxc shell lp1891552-fix-segfault
  
  # apt update && apt install cifs-utils libpam-mount
  
  # adduser user
  
  // add the following lines in /etc/security/pam_mount.conf.xml above the
  "<mkmountpoint enable="1" remove="true" />" line.
  
  <volume fstype="cifs" server="server.example.com" path="folder/%(USER)" mountpoint="/home/%(USER)/SUBFOLDER_%(USER)" options="domain=DOMAIN,dir_mode=0700,file_mode=0700">
    <and>
      <user regex="yes">^[a-z]{3}.*$</user>
    </and>
  </volume>
  
  # su - user
  
  // you'll get a segfault.
  
  // with the patched version, it shouldn't segfault and everything
  // should work fine, as intended.
  
- 
  [Where Problems Could Occur]
  ============================
  
  With this problem known, if the user has found a workaround for mounting
  a cifs volume using some extra configuration or so, then that could
  break the same on upgrade, I believe. For example, having a workaround
  way of inserting <volume> in /etc/security/pam_mount.conf.xml with
  manipulation and some hacking could get this to work and then upgrade
  could break the hack. But on a brighter side, they could get back to
  using the "right" way of inserting a <volume> in the .conf.xml file.
- 
  
  [Discussion(s)]
  ===============
  
  At system start the system freezes completely. Then I retested during a
  running session on the command line and I'm getting the error message
  
  Segmentation fault
  
  when I login to another user.
  
  If I remove the 'regex="yes"' everything works.
  If I remove the "and" condition everything works.
  If I downgrade the libpam-mount package to version 2.16-3ubuntu0.1 of Ubuntu 18.04 everything works including using the regex condition. In Ubuntu 18.04 everything worked fine as well.

** Changed in: libpam-mount (Ubuntu Focal)
     Assignee: (unassigned) => Utkarsh Gupta (utkarsh)

** No longer affects: pcre2 (Ubuntu)

** No longer affects: pcre2 (Ubuntu Focal)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pcre2 in Ubuntu.
https://bugs.launchpad.net/bugs/1891552

Title:
  Segmentation Fault in libpcre2-8-0 when using regex in (cifs) volume

Status in libpam-mount package in Ubuntu:
  Fix Released
Status in libpam-mount source package in Focal:
  Triaged

Bug description:
  [Impact]
  ========

  Mounting a cifs volume with a regex condition results in a segfault.

  [Test Plan]
  ===========

  $ lxc launch images:ubuntu/focal lp1891552-fix-segfault

  $ lxc shell lp1891552-fix-segfault

  # apt update && apt install cifs-utils libpam-mount

  # adduser user

  // add the following lines in /etc/security/pam_mount.conf.xml above
  the "<mkmountpoint enable="1" remove="true" />" line.

  <volume fstype="cifs" server="server.example.com" path="folder/%(USER)" mountpoint="/home/%(USER)/SUBFOLDER_%(USER)" options="domain=DOMAIN,dir_mode=0700,file_mode=0700">
    <and>
      <user regex="yes">^[a-z]{3}.*$</user>
    </and>
  </volume>

  # su - user

  // you'll get a segfault.

  // with the patched version, it shouldn't segfault and everything
  // should work fine, as intended.

  [Where Problems Could Occur]
  ============================

  With this problem known, if the user has found a workaround for
  mounting a cifs volume using some extra configuration or so, then that
  could break the same on upgrade, I believe. For example, having a
  workaround way of inserting <volume> in
  /etc/security/pam_mount.conf.xml with manipulation and some hacking
  could get this to work and then upgrade could break the hack. But on a
  brighter side, they could get back to using the "right" way of
  inserting a <volume> in the .conf.xml file.

  [Discussion(s)]
  ===============

  At system start the system freezes completely. Then I retested during
  a running session on the command line and I'm getting the error
  message

  Segmentation fault

  when I login to another user.

  If I remove the 'regex="yes"' everything works.
  If I remove the "and" condition everything works.
  If I downgrade the libpam-mount package to version 2.16-3ubuntu0.1 of Ubuntu 18.04 everything works including using the regex condition. In Ubuntu 18.04 everything worked fine as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-mount/+bug/1891552/+subscriptions

More information about the foundations-bugs mailing list