pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/57888: pkg_create fails ungracefully if uid or gid on file doesn't have name
The following reply was made to PR pkg/57888; it has been noted by GNATS.
From: sunil%nimmagadda.net@localhost
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: pkg/57888: pkg_create fails ungracefully if uid or gid on file
doesn't have name
Date: Tue, 30 Jan 2024 04:52:10 +0530
campbell+netbsd%mumble.net@localhost writes:
>>Number: 57888
>>Category: pkg
>>Synopsis: pkg_create fails ungracefully if uid or gid on file doesn't have name
>>Confidential: no
>>Severity: serious
>>Priority: medium
>>Responsible: pkg-manager
>>State: open
>>Class: sw-bug
>>Submitter-Id: net
>>Arrival-Date: Mon Jan 29 15:15:00 +0000 2024
>>Originator: Taylor R Campbell
>>Release: current
>>Organization:
> The NetBSD pkg_installation
>>Environment:
>>Description:
> (gdb) run
> Starting program: /usr/sbin/pkg_create -K /usr/pkg/pkgdb -l -U -B /usr/pkgsrc/mail/imp/work/.pkgdb/+BUILD_INFO -b /usr/pkgsrc/mail/imp/work/.pkgdb/+BUILD_VERSION -c /usr/pkgsrc/mail/imp/work/.pkgdb/+COMMENT -D /usr/pkgsrc/mail/imp/work/.pkgdb/+DISPLAY -d /usr/pkgsrc/mail/imp/work/.pkgdb/+DESC -f /usr/pkgsrc/mail/imp/work/.PLIST_deps -S /usr/pkgsrc/mail/imp/work/.pkgdb/+SIZE_ALL -s /usr/pkgsrc/mail/imp/work/.pkgdb/+SIZE_PKG -C imp-3.\* -i /usr/pkgsrc/mail/imp/work/.pkgdb/+INSTALL -k /usr/pkgsrc/mail/imp/work/.pkgdb/+DEINSTALL -F gzip -I /usr/pkg -p /usr/pkgsrc/mail/imp/work/.destdir/usr/pkg /usr/pkgsrc/mail/imp/work/.packages/imp-4.3.11nb2.tmp.tgz
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x000073151d783a10 in strlen () from /usr/lib/libc.so.12
> (gdb) bt
> #0 0x000073151d783a10 in strlen () from /usr/lib/libc.so.12
> #1 0x000073151d6b0ba5 in _strdup (str=0x0)
> at /usr/src/lib/libc/string/strdup.c:60
> #2 0x000000014cc09b70 in xstrdup (str=<optimized out>)
> at /usr/src/external/bsd/pkg_install/dist/lib/xwrapper.c:99
> #3 0x000000014cc043af in update_ids (file=file@entry=0x73152076c1c0)
> at /usr/src/external/bsd/pkg_install/dist/create/util.c:78
> #4 0x000000014cc045ac in load_memory_file (
> disk_name=0x7f7fffde7d97 "/usr/pkgsrc/mail/imp/work/.pkgdb/+INSTALL",
> archive_name=archive_name@entry=0x14cc0a72d "+INSTALL",
> owner=<optimized out>, group=<optimized out>, mode=mode@entry=365)
> at /usr/src/external/bsd/pkg_install/dist/create/util.c:128
> #5 0x000000014cc04c54 in load_and_add (perm=365,
> target_name=0x14cc0a72d "+INSTALL", input_name=<optimized out>,
> plist=0x7f7fffde7480)
> at /usr/src/external/bsd/pkg_install/dist/create/build.c:338
> #6 pkg_build (
> pkg=pkg@entry=0x731520796000 "/usr/pkgsrc/mail/imp/work/.packages/imp-4.3.11nb2.tmp",
> full_pkg=full_pkg@entry=0x7f7fffde7e32 "/usr/pkgsrc/mail/imp/work/.packages/imp-4.3.11nb2.tmp.tgz", suffix=suffix@entry=0x7f7fffde7e68 "tgz",
> plist=plist@entry=0x7f7fffde7480)
> at /usr/src/external/bsd/pkg_install/dist/create/build.c:373
> #7 0x000000014cc03d5c in pkg_perform (
> pkg=0x731520796000 "/usr/pkgsrc/mail/imp/work/.packages/imp-4.3.11nb2.tmp")
> at /usr/src/external/bsd/pkg_install/dist/create/perform.c:228
> #8 0x000000014cc09e0b in main (argc=1, argv=0x7f7fffde7640)
> at /usr/src/external/bsd/pkg_install/dist/create/main.c:202
> (gdb) fr 3
> #3 0x000000014cc043af in update_ids (file=file@entry=0x73152076c1c0)
> at /usr/src/external/bsd/pkg_install/dist/create/util.c:78
> 78 file->group = xstrdup(group_from_gid(file->st.st_gid, 1));
> (gdb) info locals
> No locals.
> (gdb) print *file
> $1 = {st = {st_dev = 43009, st_mode = 33261, st_ino = 55666008, st_nlink = 1,
> st_uid = 0, st_gid = 125, st_rdev = 18446744073709551615, st_atim = {
> tv_sec = 1706487457, tv_nsec = 804541539}, st_mtim = {
> tv_sec = 1706487457, tv_nsec = 804745331}, st_ctim = {
> tv_sec = 1706487457, tv_nsec = 804745331}, st_birthtim = {
> tv_sec = 1706487457, tv_nsec = 804539974}, st_size = 24531,
> st_blocks = 48, st_blksize = 32768, st_flags = 0, st_gen = 0, st_spare = {
> 0, 0}}, name = 0x14cc0a72d "+INSTALL", owner = 0x7315207a60e8 "root",
> group = 0x0, mode = 365, data = 0x0, len = 0}
>>How-To-Repeat:
> 1. chown/chgrp pkgsrc files to a uid/gid without a name in /etc/passwd or /etc/group
> 2. try to build a package
>
> (Realistically, what happened is that /etc/group got munged by etcupdate(8), causing the wsrc gid to change.)
>>Fix:
> Yes, please!
>
> At the very least, pkg_create should fail with an obvious error message, not with a SIGSEGV and core dump.
Fail with an obvious error message...
diff --git a/external/bsd/pkg_install/dist/create/util.c b/external/bsd/pkg_install/dist/create/util.c
--- a/external/bsd/pkg_install/dist/create/util.c
+++ b/external/bsd/pkg_install/dist/create/util.c
@@ -58,14 +58,18 @@
static void
update_ids(struct memory_file *file)
{
+ const char *s;
+
if (file->owner != NULL) {
uid_t uid;
if (uid_from_user(file->owner, &uid) == -1)
errx(2, "user %s unknown", file->owner);
file->st.st_uid = uid;
- } else {
- file->owner = xstrdup(user_from_uid(file->st.st_uid, 1));
+ } else {
+ if ((s = user_from_uid(file->st.st_uid, 1)) == NULL)
+ errx(2, "unknown user name");
+ file->owner = xstrdup(s);
}
if (file->group != NULL) {
@@ -75,7 +79,9 @@
errx(2, "group %s unknown", file->group);
file->st.st_gid = gid;
} else {
- file->group = xstrdup(group_from_gid(file->st.st_gid, 1));
+ if ((s = group_from_gid(file->st.st_gid, 1)) == NULL)
+ errx(2, "unknown group name");
+ file->group = xstrdup(s);
}
}
Home |
Main Index |
Thread Index |
Old Index