[Bug libc/24902] New: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] New: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

            Bug ID: 24902
           Summary: Repeating pututxline on EINTR/EAGAIN causes stale utmp
                    entries
           Product: glibc
           Version: 2.30
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: fweimer at redhat dot com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---
             Flags: security-

When the lock upgrade in pututxline fails, file_offset and last_entry may have
become desynchronized, which causes a subsequent call to pututxline to add a
new entry even if the data at the current position could be used.

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Repeating pututxline on     |login: Repeating pututxline
                   |EINTR/EAGAIN causes stale   |on EINTR/EAGAIN causes
                   |utmp entries                |stale utmp entries

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
In reply to this post by cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
           Assignee|unassigned at sourceware dot org   |fweimer at redhat dot com

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
In reply to this post by cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
Patch posted: https://sourceware.org/ml/libc-alpha/2019-08/msg00562.html

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
In reply to this post by cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Florian Weimer <[hidden email]>:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=61d3db428176d9d0822e4e680305fe34285edff2

commit 61d3db428176d9d0822e4e680305fe34285edff2
Author: Florian Weimer <[hidden email]>
Date:   Wed Aug 28 11:59:45 2019 +0200

    login: pututxline could fail to overwrite existing entries [BZ #24902]

    The internal_getut_r function updates the file_offset variable and
    therefore must always update last_entry as well.

    Previously, if pututxline could not upgrade the read lock to a
    write lock, internal_getut_r would update file_offset only,
    without updating last_entry, and a subsequent call would not
    overwrite the existing utmpx entry at file_offset, instead
    creating a new entry.  This has been observed to cause unbounded
    file growth in high-load situations.

    This commit removes the buffer argument to internal_getut_r and
    updates the last_entry variable directly, along with file_offset.

    Initially reported and fixed by Ondřej Lysoněk.

    Reviewed-by: Gabriel F. T. Gomes <[hidden email]>

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug libc/24902] login: Repeating pututxline on EINTR/EAGAIN causes stale utmp entries

cvs-commit at gcc dot gnu.org
In reply to this post by cvs-commit at gcc dot gnu.org
https://sourceware.org/bugzilla/show_bug.cgi?id=24902

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|---                         |FIXED
   Target Milestone|---                         |2.31

--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
Fixed in glibc 2.31.

--
You are receiving this mail because:
You are on the CC list for the bug.