Re: Bug report: rpc.mountd segv due to commit 8f459a072f93458fc2198ce1962b279164aa9059 Remove abuse of ai_canonname

> On May 13, 2019, at 6:24 PM, Mark Wagner <mark@xxxxxxxxxxx> wrote:
> 
> (gdb) run -F
> Starting program: /usr/sbin/rpc.mountd -F
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> rpc.mountd: Version 2.3.4 starting
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x0000555555564921 in DoMatch (text=0x0, p=0x5555555af100
> "knode*.lanfear.net") at wildmat.c:75
> 75      wildmat.c: No such file or directory.
> (gdb) bt
> #0  0x0000555555564921 in DoMatch (text=0x0, p=0x5555555af100
> "knode*.lanfear.net") at wildmat.c:75
> #1  0x0000555555564b69 in wildmat (text=text@entry=0x0,
> p=p@entry=0x5555555af100 "knode*.lanfear.net") at wildmat.c:140
> #2  0x000055555555e9ab in check_wildcard (clp=<optimized out>,
> ai=<optimized out>) at client.c:616
> #3  client_check (ai=<optimized out>, clp=<optimized out>) at client.c:740
> #4  client_check (clp=<optimized out>, ai=<optimized out>) at client.c:732
> #5  0x000055555555edb4 in client_compose (ai=ai@entry=0x5555555ac830)
> at client.c:417
> #6  0x000055555555c0f3 in auth_unix_ip (f=3) at cache.c:115
> #7  0x000055555555d95a in cache_process_req
> (readfds=readfds@entry=0x7fffffffdc90) at cache.c:1417
> #8  0x000055555555de28 in my_svc_run () at svc_run.c:118
> #9  0x000055555555941a in main (argc=<optimized out>, argv=<optimized
> out>) at mountd.c:892
> 
> The commit message says "There is only one caller to
> host_reliable_addrinfo() that actually uses the string in
> ai->ai_canonname, and then only for debugging messages. Change those
> to display the IP address instead."
> 
> That is not quite right. ./support/export/client.c check_wildcard()
> uses ai_canonname:
> 
> static int
> check_wildcard(const nfs_client *clp, const struct addrinfo *ai)
> {
>        char *cname = clp->m_hostname;
>        char *hname = ai->ai_canonname;
> ...
> 
> Kernel versions:
> server: 5.0.10-gentoo
> client: 5.0.10-200.fc29.x86_64
> 
> nfs-utils version: 2.3.4
> 
> "Are you using any of the security options?" No.
> 
> exportfs -v
> /usr/local/k8s
> knode*.lanfear.net(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)

Hi Mark-

Thanks for the report. Your analysis seems plausible.
I'll have a look at this today.


--
Chuck Lever






