[Pkg-puppet-devel] Bug#810484: puppet agent: ruby segfault during applying catalog

Apollon Oikonomopoulos apoikos at debian.org
Wed May 10 19:26:15 UTC 2017


Control: reassign -1 libaugeas0
Control: found -1 1.2.0-1
Control: fixed -1 1.5.0-1
Control: tags -1 upstream fixed-upstream

Hi,

On 21:39 Mon 18 Jan, Felix Hagemann wrote:
> Program received signal SIGSEGV, Segmentation fault.
> strlen () at ../sysdeps/x86_64/strlen.S:106
> 106     ../sysdeps/x86_64/strlen.S: No such file or directory.
> (gdb) bt
> #0  strlen () at ../sysdeps/x86_64/strlen.S:106
> #1  0x00007ffff1e75d51 in augeas_get () from
> /usr/lib/x86_64-linux-gnu/ruby/vendor_ruby/2.2.0/_augeas.so

The relevant part in ruby-augeas' source is:

 VALUE augeas_get(VALUE s, VALUE path) {
     augeas *aug = aug_handle(s);
     const char *cpath = StringValueCStr(path);
     const char *value;

     aug_get(aug, cpath, &value);
     if (value != NULL) {
         return rb_str_new(value, strlen(value));
     } else {
         return Qnil;
     }
 }


The only way strlen() might segfault here is if `value' is an
invalid/uninitialized pointer. And the only way this may happen is if aug_get()
did not initialize the pointer correctly, which probably brings us to
augeas issue #372[1], fixed in libaugeas 1.5.0. Indeed, in this case,
augeas_get() does not check the return value of aug_get(), so this could
easily be the case.

[1] https://github.com/hercules-team/augeas/issues/372

I admit I'm not 100% sure about this, but it seems reasonable to
reassign the bug to libaugeas0 and mark it as fixed in 1.5.0. If anyone 
can still reproduce the bug, please feel free to mark it as found.

Regards,
Apollon
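The failure mode described in the message above, shown beside a hardened wrapper, as an added example that is not code from ruby-augeas or libaugeas. `fake_aug`, `fake_aug_get` and `safe_get` are constructed stand-ins: `fake_aug_get` mimics the documented aug_get() contract (1 = one match, 0 = no match, -1 = error) and, like the affected libaugeas versions, leaves `*value` untouched on the error path; `safe_get` is the defensive pattern (initialise the out-pointer, check the return code before calling strlen()).

```c
#include <stddef.h>
#include <string.h>
#include <stdlib.h>

/* Constructed stand-in for an augeas handle holding exactly one node. */
typedef struct { const char *key; const char *val; } fake_aug;

/* Constructed stand-in for aug_get(): same return-code contract as the
 * real function, and on error (-1) it does NOT write *value, which is the
 * behaviour that left augeas_get() holding an uninitialised pointer. */
static int fake_aug_get(const fake_aug *aug, const char *path, const char **value) {
    if (path == NULL || path[0] != '/') {
        return -1;              /* error path: *value deliberately untouched */
    }
    if (strcmp(path, aug->key) == 0) {
        *value = aug->val;
        return 1;               /* exactly one match */
    }
    *value = NULL;
    return 0;                   /* no match */
}

/* Hardened equivalent of augeas_get(): the out-pointer is initialised by the
 * caller and only dereferenced when the callee reports a match. Returns a
 * malloc'd copy (caller frees) or NULL; *err is set to 1 on an error result. */
char *safe_get(const fake_aug *aug, const char *path, int *err) {
    const char *value = NULL;   /* never rely on the callee to set this */
    int rc = fake_aug_get(aug, path, &value);
    *err = (rc < 0);
    if (rc != 1 || value == NULL) {
        return NULL;            /* no match or error: strlen() is never reached */
    }
    size_t n = strlen(value);
    char *copy = malloc(n + 1);
    if (copy == NULL) {
        *err = 1;
        return NULL;
    }
    memcpy(copy, value, n + 1);
    return copy;
}
```

With the original augeas_get() the "bad path" case below would call strlen() on whatever happened to be on the stack; with safe_get() it returns NULL and reports the error.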


