#3562 Use-after free if more sudo requests run and one of them fails, causing a fail-over to a next server
Closed: Fixed 5 years ago Opened 5 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1498734

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

We used to remember id_ctx->srv_opts in the sudo request to switch
the latest usn values. This works fine most of the time but it may cause
a crash.

If we have two concurrent sudo refreshes and one of them fails, it causes
failover to try the next server, possibly replacing the old srv_opts
with a new one, and that causes an access after free in the other refresh.
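
The lifetime problem described above, reduced to a self-contained C sketch with the cached-pointer pattern next to one that resolves the pointer at time of use. This is an added example, not SSSD code: only `id_ctx` and `srv_opts` are names from the ticket, while the struct layouts, the `generation` counter and all function names are assumptions made for the demonstration.

```c
#include <stdlib.h>

/* Simplified stand-ins for the structures named in the ticket (assumed layout). */
struct srv_opts { unsigned long max_usn; };
struct id_ctx { struct srv_opts *srv_opts; unsigned generation; };

/* Failover to the next server: the old per-server options are freed and replaced. */
int failover(struct id_ctx *ctx)
{
    struct srv_opts *fresh = calloc(1, sizeof(*fresh));
    if (fresh == NULL) return -1;
    free(ctx->srv_opts);
    ctx->srv_opts = fresh;
    ctx->generation++;              /* hypothetical counter, used only by this demo */
    return 0;
}

/* Pattern from the ticket: the request caches the pointer when it starts. */
struct req_cached { struct srv_opts *srv_opts; unsigned gen_at_start; };

/* Nonzero once a failover has freed what the cached pointer refers to. */
int req_cached_is_dangling(const struct req_cached *r, const struct id_ctx *ctx)
{
    return r->gen_at_start != ctx->generation;
}

/* Hardened pattern: keep only the long-lived owner, resolve srv_opts at use. */
struct req_safe { struct id_ctx *ctx; };
void req_safe_done(struct req_safe *r, unsigned long usn)
{
    struct srv_opts *cur = r->ctx->srv_opts;    /* always the live object */
    if (cur != NULL && usn > cur->max_usn) cur->max_usn = usn;
}

/* Two refreshes in flight; one fails and fails over before the other finishes. */
unsigned long run_scenario(int *cached_was_dangling)
{
    struct id_ctx ctx = { calloc(1, sizeof(struct srv_opts)), 0 };
    if (ctx.srv_opts == NULL) return 0;
    struct req_cached a = { ctx.srv_opts, ctx.generation };
    struct req_safe b = { &ctx };
    if (failover(&ctx) != 0) { free(ctx.srv_opts); return 0; }
    *cached_was_dangling = req_cached_is_dangling(&a, &ctx); /* never dereferenced */
    req_safe_done(&b, 4711);        /* constructed USN value */
    unsigned long usn = ctx.srv_opts->max_usn;
    free(ctx.srv_opts);
    return usn;
}

int main(void) { int d = 0; return (run_scenario(&d) == 4711 && d) ? 0 : 1; }
```

The cached pointer in request `a` is deliberately never read after the failover; building the real cached-pointer variant with AddressSanitizer is the usual way to make such a stale access fail loudly in testing.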


Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1498734

5 years ago

Metadata Update from @jhrozek:
- Issue assigned to pbrezina
- Issue set to the milestone: None
- Issue tagged with: PR, bug

5 years ago

The only question before triage is if this also affects other branches, i.e. if we should apply the patch to sssd-1-13 as well.

master:

sssd-1-14:

Version for 1.13 could be easily done with cherry-pick. There is just a trivial conflict due to the fq names refactoring of sdap_sudo_qualify_names

@pbrezina could you prepare a sssd-1-13 backport when you're done with the access control attestation tool?

If you prefer, I can open a sssd-1-13 ticket just asking for the backport.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.1

5 years ago

PR for 1.13:
https://github.com/SSSD/sssd/pull/439

Metadata Update from @lslebodn:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4586

If you want to receive further updates on the issue, please navigate to the github issue
and click on the subscribe button.

Thank you for understanding. We apologize for all inconvenience.
