Segmentation fault in aureport's safe_print_string()
Steve Grubb
sgrubb at redhat.com
Wed May 29 17:35:54 UTC 2019
On Wednesday, May 29, 2019 11:57:48 AM EDT Steve Grubb wrote:
> Hello,
>
> On Wednesday, May 22, 2019 4:08:06 PM EDT Zephyr Pellerin wrote:
> > While running `aureport -tm', I recieved a segmentation fault, I won't be
> > able to attach the core dump but I've tried include rudimentary
> > information about the crash.
>
> Out of curiosity, which version of the audit package is doing this? And
> what C library is aureport linked with?
I think I found it. It should be fixed by this commit:
https://github.com/linux-audit/audit-userspace/commit/
cd06bc803355a535104c057370f7960c11aeef8f
Looks like sudo is sending malformed events. I'll look into that and see if I
can also get that fixed, too.
-Steve
> It looks like we have an unterminated string somewhere. IOW, it's picked
> this up somewhere and you're seeing the effect on output which isn't
> helpful. If this is reproducible, can you narrow down the event that is
> causing this by altering the start and end times to see if you can get it
> down to a couple events? That would be helpful if you can.
>
> Thanks,
> -Steve
>
> > - Backtrace
> >
> > #0 0x00007ff3d7bbf8a1 in __strlen_avx2 () from /lib64/libc.so.6
> > #1 0x000055b44a62f304 in safe_print_string ()
> > #2 0x000055b44a62dbd6 in print_per_event_item ()
> > #3 0x000055b44a62c709 in per_event_processing ()
> > #4 0x000055b44a62184c in process_log_fd ()
> > #5 0x000055b44a621c78 in process_logs ()
> > #6 0x000055b44a621597 in main ()
>
> --
> Linux-audit mailing list
> Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
More information about the Linux-audit
mailing list