This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/9781] New: initgroups can use lots of stack space if /etc/group has a huge line


(This was found in a custom version of glibc 2.3.6.  I have not verified it with
current glibc sources -- sorry -- but the source code involved is substantially
the same as in 2.3.6.)

When there's a single huge (huge) group line and the 'files' db is used,
compat-initgroups.c will use enough stack to hold the entire line.  If
initgroups is called from a pthread_create'd thread with a limited stack size,
this can cause a crash.

Test code:

#include <grp.h>       /* initgroups() */
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>    /* getpagesize() */

/* Thread body: call initgroups() on a deliberately small stack.  The user
   name and gid don't matter; the group database is scanned regardless. */
void *func(void *arg) {
  (void)arg;
  printf("in child\n");
  fflush(NULL);
  initgroups("does_not_matter", 0);
  printf("finished initgroups\n");
  fflush(NULL);
  return NULL;
}

int main(void) {
  pthread_attr_t attr;
  pthread_t thread;
  /* Each call's return value is printed; 0 means success. */
  printf("%d\n", pthread_attr_init(&attr));
  /* 8 pages of stack, one guard page: a group line of 8 * page size
     cannot fit alongside the thread's other stack use. */
  printf("%d\n", pthread_attr_setstacksize(&attr, 8 * getpagesize()));
  printf("%d\n", pthread_attr_setguardsize(&attr, getpagesize()));
  printf("%d\n", pthread_create(&thread, &attr, func, NULL));
  printf("%d\n", pthread_join(thread, NULL));
  return 0;
}

Put a huge line into /etc/group (something 8 * page size will do), and run the
test program.

I have coded up a patch to grp/compat-initgroups.c which resolves the issue
(using heap-allocated memory rather than stack-allocated memory).  This is
relative to the code in glibc 2.3.6.

There is code in nis/nss_compat/compat-initgroups.c which is substantially the
same, and probably needs a similar (or perhaps identical) patch.  I don't have
an environment in which I can test a patch to that code, though, so I've not
tried to supply one.

-- 
           Summary: initgroups can use lots of stack space if /etc/group has
                    a huge line
           Product: glibc
           Version: 2.3.6
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: cgd at google dot com
                CC: cgd at google dot com,glibc-bugs at sources dot redhat
                    dot com
 GCC build triplet: i686-linux
  GCC host triplet: i686-linux
GCC target triplet: i686-linux


http://sourceware.org/bugzilla/show_bug.cgi?id=9781
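The report describes the fix as switching compat-initgroups.c from a stack buffer sized by the line to heap-allocated memory, but the patch itself is not in this message. The following is an added example of that approach, written for this page; it is not glibc code and not the reporter's patch. It reads group-file lines of any length into a buffer grown with realloc, parses the /etc/group layout, and counts a group's members, so its stack use is constant no matter how long the line is. The group data is constructed in-memory (written to a tmpfile so /etc/group is never touched); the function names read_line_heap, count_group_members, count_members_in_text and demo_huge_line are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LINE_EOF   (-1)   /* no more lines */
#define LINE_NOMEM (-2)   /* malloc/realloc failed */

/* Read one line (newline stripped) from fp into *buf, a caller-owned heap
 * buffer of *cap bytes that is created on first use and doubled whenever the
 * line turns out to be longer.  Returns the line length, LINE_EOF at end of
 * file, or LINE_NOMEM.  This is the step a stack buffer or alloca() sized
 * up front cannot take, which is what makes a huge line fatal on a small
 * thread stack. */
static long read_line_heap(FILE *fp, char **buf, size_t *cap)
{
    size_t len = 0;

    if (*buf == NULL) {
        *cap = 256;                         /* small start; grows below */
        if ((*buf = malloc(*cap)) == NULL)
            return LINE_NOMEM;
    }
    for (;;) {
        if (fgets(*buf + len, (int)(*cap - len), fp) == NULL)
            return len > 0 ? (long)len : LINE_EOF;
        len += strlen(*buf + len);
        if (len > 0 && (*buf)[len - 1] == '\n') {
            (*buf)[--len] = '\0';
            return (long)len;
        }
        if (len + 1 < *cap)                 /* short read: last line, no '\n' */
            return (long)len;
        char *nbuf = realloc(*buf, *cap * 2);
        if (nbuf == NULL)
            return LINE_NOMEM;
        *buf = nbuf;
        *cap *= 2;
    }
}

/* strsep-style tokenizer on standard C only: return the token before the
 * next `sep` and advance *p past it, or set *p to NULL at the last field. */
static char *next_field(char **p, char sep)
{
    char *tok = *p, *end;
    if (tok == NULL)
        return NULL;
    if ((end = strchr(tok, sep)) != NULL) { *end = '\0'; *p = end + 1; }
    else                                   *p = NULL;
    return tok;
}

/* Count the members of group `name` in a file with the /etc/group layout
 * "name:passwd:gid:member,member,...".  Returns the count (0 if the group is
 * absent or empty) or -1 on allocation failure. */
static long count_group_members(FILE *fp, const char *name)
{
    char *line = NULL, *member;
    size_t cap = 0;
    long n, result = 0;

    while ((n = read_line_heap(fp, &line, &cap)) >= 0) {
        if (n == 0 || line[0] == '#')
            continue;                       /* blank or comment line */
        char *p = line;
        char *gname = next_field(&p, ':');  /* group name */
        next_field(&p, ':');                /* password field */
        next_field(&p, ':');                /* gid */
        if (p == NULL || strcmp(gname, name) != 0)
            continue;                       /* malformed line or other group */
        while ((member = next_field(&p, ',')) != NULL)
            if (*member != '\0')
                result++;
        break;
    }
    free(line);
    return n == LINE_NOMEM ? -1 : result;
}

/* Run count_group_members over `len` bytes of constructed group data,
 * staged in a tmpfile so the example never reads /etc/group. */
static long count_members_in_text(const char *text, size_t len, const char *name)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    if (fwrite(text, 1, len, fp) != len) { fclose(fp); return -1; }
    rewind(fp);
    long n = count_group_members(fp, name);
    fclose(fp);
    return n;
}

/* Constructed input: two normal lines, then a group with `nmembers` members
 * u0,u1,... on one line, far longer than an 8-page thread stack for large
 * nmembers.  Returns the count found, expected to equal nmembers. */
static long demo_huge_line(size_t nmembers)
{
    size_t cap = 64 + nmembers * 24;        /* "u%zu," is at most 22 bytes */
    char *text = malloc(cap);
    if (text == NULL)
        return -1;
    size_t len = (size_t)snprintf(text, cap, "root:x:0:\nwheel:x:10:alice,bob\nhuge:x:1000:");
    for (size_t i = 0; i < nmembers; i++)
        len += (size_t)snprintf(text + len, cap - len, "%su%zu", i ? "," : "", i);
    text[len++] = '\n';
    long n = count_members_in_text(text, len, "huge");
    free(text);
    return n;
}

static const char SAMPLE_GROUP[] =
    "root:x:0:\nwheel:x:10:alice,bob\n# comment\nempty:x:42:\n";

int main(void)
{
    printf("wheel members: %ld\n",
           count_members_in_text(SAMPLE_GROUP, sizeof(SAMPLE_GROUP) - 1, "wheel"));
    printf("members on a %zu-member line: %ld\n", (size_t)100000, demo_huge_line(100000));
    return 0;
}
```

The reproducer above can be combined with this: calling demo_huge_line from a thread created with an 8-page stack succeeds, because the only per-line cost is the malloc'd buffer, whereas a buffer declared on the stack with the line's length would overrun the guard page on the first huge line.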
