Ubuntu
libpam-mount package

Merge ~utkarsh/ubuntu/+source/libpam-mount:lp1891552-fix-segfault into ubuntu/+source/libpam-mount:ubuntu/focal-devel

  1. Git
  2. lp:~utkarsh/ubuntu/+source/libpam-mount
  3. lp1891552-fix-segfault
  4. Merge into ubuntu/focal-devel
Proposed by Utkarsh Gupta
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: 278b819da6363e88663d437bb8ccd6c41dac4ad5
Merged at revision: 278b819da6363e88663d437bb8ccd6c41dac4ad5
Proposed branch: ~utkarsh/ubuntu/+source/libpam-mount:lp1891552-fix-segfault
Merge into: ubuntu/+source/libpam-mount:ubuntu/focal-devel
Diff against target: 118 lines (+28/-10)
4 files modified
debian/changelog (+13/-0)
debian/control (+2/-1)
debian/patches/0016-Port-to-pcre2.patch (+5/-5)
debian/tests/local-luks (+8/-4)
Reviewer Review Type Date Requested Status
Christian Ehrhardt  (community) Approve
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+400121@code.launchpad.net

Description of the change

Hello,

This MP intends to fix the segfault, as reported in LP: #1891552.

PPA at https://launchpad.net/~utkarsh/+archive/ubuntu/experimental-dump/

Autopkgtest is passing and happy:
```
autopkgtest [20:28:49]: @@@@@@@@@@@@@@@@@@@@ summary
local-luks PASS
```

Requesting you to please review and sponsor the upload. Let me know if you have any questions. TIA! :)

To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Please add https://salsa.debian.org/debian/libpam-mount/-/merge_requests/3 for the test-fixes

IMHO we could do so on any release we SRU-touch, and once Debian merged it we will sync it on 21.10.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI - I've mentioned the autopkgtest fixes in the SRU template

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Test fixes match what I have worked on +1 to that

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

I know you've taken the patch from Debian as-is but to have some references we could/should link to https://salsa.debian.org/debian/libpam-mount/-/commit/c166793d582048587a4091a6deed9824b535f4c8 ?

review: Needs Fixing
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Other than that I found no issue, well done.

Once that bit is resolved (or you have other opinions about it to discuss) ping and I can sponsor.

Revision history for this message
Utkarsh Gupta (utkarsh) wrote :

Hello Christian,

Thanks for the review. I've added the commit reference in the commit message. Hope that works for you?

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

In the patch header actually, but no need to ping/pong for that - I've changed it on sponsoring with an added commit by me.

To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/libpam-mount
 * [new tag] upload/2.16-10ubuntu0.20.04.1 -> upload/2.16-10ubuntu0.20.04.1

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading libpam-mount_2.16-10ubuntu0.20.04.1.dsc: done.
  Uploading libpam-mount_2.16-10ubuntu0.20.04.1.debian.tar.xz: done.
  Uploading libpam-mount_2.16-10ubuntu0.20.04.1_source.buildinfo: done.
  Uploading libpam-mount_2.16-10ubuntu0.20.04.1_source.changes: done.
Successfully uploaded packages.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index f207f49..2e70d62 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
1libpam-mount (2.16-10ubuntu0.20.04.1) focal; urgency=medium
2
3 [ Utkarsh Gupta ]
4 * Fix segmentation fault in libpcre2-8-0 when using regex
5 in (cifs) volume. (LP: #1891552)
6 - d/p/0016-Port-to-pcre2.patch: Fix pcre2 patch.
7 Thanks to Jochen Sprickerhof for the patch.
8
9 [ Christian Ehrhardt ]
10 * d/t/local-luks: fix autopkgtests.
11
12 -- Utkarsh Gupta <utkarsh.gupta@canonical.com> Fri, 26 Mar 2021 20:02:14 +0530
13
1libpam-mount (2.16-10) unstable; urgency=medium14libpam-mount (2.16-10) unstable; urgency=medium
215
3 [ Christian Ehrhardt ]16 [ Christian Ehrhardt ]
diff --git a/debian/control b/debian/control
index 1ba3c5f..6fbdc4c 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,8 @@
1Source: libpam-mount1Source: libpam-mount
2Section: admin2Section: admin
3Priority: optional3Priority: optional
4Maintainer: Jochen Sprickerhof <jspricke@debian.org>4Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
5XSBC-Original-Maintainer: Jochen Sprickerhof <jspricke@debian.org>
5Build-Depends:6Build-Depends:
6 debhelper-compat (= 12),7 debhelper-compat (= 12),
7 libblkid-dev,8 libblkid-dev,
diff --git a/debian/patches/0016-Port-to-pcre2.patch b/debian/patches/0016-Port-to-pcre2.patch
index a804429..b41a91b 100644
--- a/debian/patches/0016-Port-to-pcre2.patch
+++ b/debian/patches/0016-Port-to-pcre2.patch
@@ -44,7 +44,7 @@ index e86b05d..203e490 100644
44 44
45 #45 #
46diff --git a/src/rdconf1.c b/src/rdconf1.c46diff --git a/src/rdconf1.c b/src/rdconf1.c
47index 6869d25..5b4f4f3 10064447index b252aa0..68e4b2d 100644
48--- a/src/rdconf1.c48--- a/src/rdconf1.c
49+++ b/src/rdconf1.c49+++ b/src/rdconf1.c
50@@ -21,7 +21,8 @@50@@ -21,7 +21,8 @@
@@ -68,7 +68,7 @@ index 6869d25..5b4f4f3 100644
68- pcre *rd;68- pcre *rd;
69+ unsigned int flags = PCRE2_DOLLAR_ENDONLY | PCRE2_DOTALL |69+ unsigned int flags = PCRE2_DOLLAR_ENDONLY | PCRE2_DOTALL |
70+ PCRE2_NO_AUTO_CAPTURE;70+ PCRE2_NO_AUTO_CAPTURE;
71+ int errcode = NULL, ret;71+ int errcode = 0, ret;
72+ PCRE2_SIZE erroffset;72+ PCRE2_SIZE erroffset;
73+ pcre2_code_8 *rd;73+ pcre2_code_8 *rd;
74+ PCRE2_UCHAR buffer[256];74+ PCRE2_UCHAR buffer[256];
@@ -83,7 +83,7 @@ index 6869d25..5b4f4f3 100644
83- } else if (rd == NULL) {83- } else if (rd == NULL) {
84- l0g("pcre_compile failed: %s\n", strerror(errno));84- l0g("pcre_compile failed: %s\n", strerror(errno));
85+ flags |= PCRE2_CASELESS;85+ flags |= PCRE2_CASELESS;
86+ rd = pcre2_compile(pattern, PCRE2_ZERO_TERMINATED, flags, &errcode, &erroffset, NULL);86+ rd = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED, flags, &errcode, &erroffset, NULL);
87+ if (rd == NULL) {87+ if (rd == NULL) {
88+ l0g("pcre2_compile failed: %s at offset %d\n", buffer, (int)erroffset);88+ l0g("pcre2_compile failed: %s at offset %d\n", buffer, (int)erroffset);
89 return -1;89 return -1;
@@ -91,8 +91,8 @@ index 6869d25..5b4f4f3 100644
91 91
92- ret = pcre_exec(rd, NULL, s, strlen(s), 0, 0, NULL, 0);92- ret = pcre_exec(rd, NULL, s, strlen(s), 0, 0, NULL, 0);
93- if (ret == PCRE_ERROR_NOMATCH) {93- if (ret == PCRE_ERROR_NOMATCH) {
94+ match_data = pcre2_match_data_create_from_pattern(pattern, NULL);94+ match_data = pcre2_match_data_create_from_pattern(rd, NULL);
95+ ret = pcre2_match(rd, s, strlen(s), 0, 0, match_data, 0);95+ ret = pcre2_match(rd, (PCRE2_SPTR)s, strlen(s), 0, 0, match_data, 0);
96+ if (ret == PCRE2_ERROR_NOMATCH) {96+ if (ret == PCRE2_ERROR_NOMATCH) {
97 l0g("pcre_exec: no match\n");97 l0g("pcre_exec: no match\n");
98 ret = false;98 ret = false;
diff --git a/debian/tests/local-luks b/debian/tests/local-luks
index 7ea2a8e..502c259 100644
--- a/debian/tests/local-luks
+++ b/debian/tests/local-luks
@@ -8,7 +8,7 @@ createluks()
8 type=${2}8 type=${2}
9 tdir=$(mktemp --directory)9 tdir=$(mktemp --directory)
1010
11 fallocate -l 8M "/tmp/disk-l${id}.img"11 fallocate -l 32M "/tmp/disk-l${id}.img"
12 cryptsetup luksFormat --batch-mode --verbose --force-password --key-file=/home/alice/alice.key --type "${type}" "/tmp/disk-l${id}.img"12 cryptsetup luksFormat --batch-mode --verbose --force-password --key-file=/home/alice/alice.key --type "${type}" "/tmp/disk-l${id}.img"
13 cryptsetup open --type "${type}" --batch-mode --verbose --key-file=/home/alice/alice.key "/tmp/disk-l${id}.img" "img-luks${id}"13 cryptsetup open --type "${type}" --batch-mode --verbose --key-file=/home/alice/alice.key "/tmp/disk-l${id}.img" "img-luks${id}"
14 mkfs.ext4 -L "IMG-LUKS${id}" "/dev/mapper/img-luks${id}"14 mkfs.ext4 -L "IMG-LUKS${id}" "/dev/mapper/img-luks${id}"
@@ -31,20 +31,24 @@ checkluks()
31 # smoke tests the mount and if not working print debug from journal31 # smoke tests the mount and if not working print debug from journal
32 # shellcheck disable=SC202932 # shellcheck disable=SC2029
33 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "ls -laF ~/img-luks${id}/testfile" || journalctl -xe -u ssh --no-pager33 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "ls -laF ~/img-luks${id}/testfile" || journalctl -xe -u ssh --no-pager
34 sleep 5s
3435
35 # make sure we are using an actual mount36 # make sure we are using an actual mount
36 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "mount" | grep "img-luks${id}"37 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "mount" | grep "img-luks${id}"
38 sleep 5s
3739
38 # compare data on encrypted disk via local login shell40 # compare data on encrypted disk via local login shell
39 # ensure su from root (needs no PW) does not re-ask for a pass (gets it from ~alice/alice.key anyway)41 # ensure su from root (needs no PW) does not re-ask for a pass (gets it from ~alice/alice.key anyway)
40 sed -i -e 's/pam_mount.so$/pam_mount.so disable_interactive/' /etc/pam.d/common-auth42 sed -i -e 's/pam_mount.so\s*$/pam_mount.so disable_interactive/' /etc/pam.d/common-auth
41 sed -i -e 's/pam_mount.so$/pam_mount.so disable_interactive/' /etc/pam.d/common-session43 sed -i -e 's/pam_mount.so\s*$/pam_mount.so disable_interactive/' /etc/pam.d/common-session
42 su --login --command "cat ~/img-luks${id}/testfile" alice > "luks${id}"44 su --login --command "cat ~/img-luks${id}/testfile" alice > "luks${id}"
45 sleep 5s
43 cmp expected "luks${id}"46 cmp expected "luks${id}"
4447
45 # compare data on encrypted disk via ssh bsed login48 # compare data on encrypted disk via ssh based login
46 # shellcheck disable=SC202949 # shellcheck disable=SC2029
47 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "cat ~/img-luks${id}/testfile" > "luks${id}"50 ssh -o "StrictHostKeyChecking=no" -i test.key alice@localhost "cat ~/img-luks${id}/testfile" > "luks${id}"
51 sleep 5s
48 cmp expected "luks${id}"52 cmp expected "luks${id}"
4953
50 # restore configuration54 # restore configuration

Subscribers

People subscribed via source and target branches