segfault when LISTEN_PID and LISTEN_FDS are set but not LISTEN_FDNAMES #10435

Closed
eriksjolund opened this issue May 21, 2021 · 0 comments · Fixed by #10481
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@eriksjolund
Contributor

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description
A segmentation fault can be triggered by setting the environment variables
LISTEN_PID and LISTEN_FDS but not LISTEN_FDNAMES and then podman run ...

It seems the relevant code is

saved_systemd_listen_fdnames = strdup(listen_fdnames);

Steps to reproduce the issue:

  1. Create the file bug.bash with this content

    #!/bin/bash
    export LISTEN_PID=$$
    export LISTEN_FDS=1
    exec podman run --rm registry.fedoraproject.org/fedora:34 /bin/true
    
  2. Run bash bug.sh

Describe the results you received:

Segmentation fault (core dumped)

Output of podman version:

Version:      3.2.0-dev
API Version:  3.2.0-dev
Go Version:   go1.15.3
Git Commit:   fe0595683a05c0f0307e07f0cce29f6ae0b3d310
Built:        Thu May 20 14:11:25 2021
OS/Arch:      linux/amd64

Output of podman info --debug | grep -v hostname::

host:
  arch: amd64
  buildahVersion: 1.20.2-dev
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: Unknown
    path: /var/data/podman-installations/build-podman_601505070e4cf66a37d42a81156e5508d0cfb79c__centos8__fe0595683a05c0f0307e07f0cce29f6ae0b3d310__v2.0.27__v0.9.1__1.15.3__0.19.1__v1.1.10__v1.5.0/bin/conmon
    version: 'conmon version 2.0.27, commit: 65fad4bfcb250df0435ea668017e643e7f462155'
  cpus: 8
  distribution:
    distribution: '"centos"'
    version: "8"
  eventLogger: journald
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 100
      size: 1
    - container_id: 1
      host_id: 231072
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1626
      size: 1
    - container_id: 1
      host_id: 231072
      size: 65536
  kernel: 4.18.0-240.22.1.el8_3.x86_64
  linkmode: dynamic
  memFree: 8183627776
  memTotal: 16600113152
  ociRuntime:
    name: crun
    package: Unknown
    path: /var/data/podman-installations/build-podman_601505070e4cf66a37d42a81156e5508d0cfb79c__centos8__fe0595683a05c0f0307e07f0cce29f6ae0b3d310__v2.0.27__v0.9.1__1.15.3__0.19.1__v1.1.10__v1.5.0/bin/crun
    version: |-
      crun version 0.19.1
      commit: 1535fedf0b83fb898d449f9680000f729ba719f5
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1626/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /var/data/podman-installations/build-podman_601505070e4cf66a37d42a81156e5508d0cfb79c__centos8__fe0595683a05c0f0307e07f0cce29f6ae0b3d310__v2.0.27__v0.9.1__1.15.3__0.19.1__v1.1.10__v1.5.0/bin/slirp4netns
    package: Unknown
    version: |-
      slirp4netns version 1.1.10
      commit: baa2bc5ff12fe6db646c1f4f3f966526c0eba5a0
      libslirp: 4.5.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.3.3
  swapFree: 8476684288
  swapTotal: 8476684288
  uptime: 869h 34m 7.95s (Approximately 36.21 days)
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/erik.sjolund/storage.conf
  containerStore:
    number: 3
    paused: 0
    running: 0
    stopped: 3
  graphDriverName: overlay
  graphOptions:
    overlay.mount_program:
      Executable: /var/data/podman-installations/build-podman_601505070e4cf66a37d42a81156e5508d0cfb79c__centos8__fe0595683a05c0f0307e07f0cce29f6ae0b3d310__v2.0.27__v0.9.1__1.15.3__0.19.1__v1.1.10__v1.5.0/bin/fuse-overlayfs
      Package: Unknown
      Version: |-
        fusermount3 version: 3.2.1
        fuse-overlayfs: version 1.5
        FUSE library version 3.4.1
        using FUSE kernel interface version 7.27
  graphRoot: /home/erik.sjolund/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 1
  runRoot: /run/user/1626/containers
  volumePath: /home/erik.sjolund/.local/share/containers/storage/volumes
version:
  APIVersion: 3.2.0-dev
  Built: 1621512685
  BuiltTime: Thu May 20 14:11:25 2021
  GitCommit: fe0595683a05c0f0307e07f0cce29f6ae0b3d310
  GoVersion: go1.15.3
  OsArch: linux/amd64
  Version: 3.2.0-dev

Package info (e.g. output of rpm -q podman or apt list podman):

Podman was built in a GitHub Actions workflow and
downloaded from https://github.com/eriksjolund/build-podman/actions/runs/860325818
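The crash pattern this report points at, with a guarded alternative, as an added example that is not podman's code and not the fix merged in #10481: `getenv()` returns NULL for an unset variable, and handing that to `strdup()` is undefined behaviour. The `listen_env` struct and the `dup_env`, `save_listen_env` and `free_listen_env` helpers are hypothetical names; only the three `LISTEN_*` variables and the `strdup(listen_fdnames)` call come from the report.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct listen_env {  /* hypothetical holder for the saved environment */
    char *pid;       /* copy of LISTEN_PID, or NULL if unset */
    char *fds;       /* copy of LISTEN_FDS, or NULL if unset */
    char *fdnames;   /* copy of LISTEN_FDNAMES, or NULL if unset */
};

void free_listen_env(struct listen_env *e)
{
    free(e->pid);
    free(e->fds);
    free(e->fdnames);
    e->pid = e->fds = e->fdnames = NULL;
}

/* Guarded replacement for strdup(getenv(name)): an unset variable yields
 * NULL instead of a NULL read inside strdup(). */
static char *dup_env(const char *name, int *failed)
{
    const char *value = getenv(name);
    if (value == NULL) return NULL;   /* unset: nothing to copy, not an error */
    char *copy = strdup(value);
    if (copy == NULL) *failed = 1;    /* allocation failure */
    return copy;
}

int save_listen_env(struct listen_env *out) /* 0 on success, -1 on ENOMEM */
{
    int failed = 0;
    out->pid = dup_env("LISTEN_PID", &failed);
    out->fds = dup_env("LISTEN_FDS", &failed);
    out->fdnames = dup_env("LISTEN_FDNAMES", &failed); /* optional variable */
    if (failed) { free_listen_env(out); return -1; }
    return 0;
}

int main(void)
{
    struct listen_env e;
    setenv("LISTEN_PID", "1234", 1);  /* constructed values, shaped like bug.bash */
    setenv("LISTEN_FDS", "1", 1);
    unsetenv("LISTEN_FDNAMES");       /* the case from the report */
    if (save_listen_env(&e) != 0) return 1;
    printf("fdnames=%s\n", e.fdnames ? e.fdnames : "(unset)");
    free_listen_env(&e);
    return 0;
}
```

Code that later restores the saved values has to treat a NULL `fdnames` as "leave the variable unset" rather than passing it on to `setenv()`.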

@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label May 21, 2021
flouthoc added a commit to flouthoc/podman that referenced this issue May 29, 2021
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 21, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2023