Project

General

Profile

Actions

Bug #7806

closed

svccfg restore segfaults in upgrade_manifestfiles

Added by Andrew Stormont almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Start date:
2017-01-25
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
needs-triage
Gerrit CR:

Description

When doing an “svccfg restore” SMF attempts to update the manifestfiles property group on each instance. If this property group is missing SMF dereferences a NULL pointer and segfaults.

# pstack core
core 'core' of 28570:   /usr/sbin/svccfg restore /tmp/archive.xml
 08066491 upgrade_manifestfiles (0, 847ab98, 81d2888, 81d2708, 0, 808df80) + 1ec
 080667c3 process_old_pg (81d2848, 847ab98, 81d2708, 81d2888) + 212
 080672fc upgrade_props (81d2708, 81d2888, 81d2808, 847ab98, 8047ab0, 1) + e7
 080799b9 lscf_service_import (847ab98, 8047c18, fef50100, 0, 0, 3) + 1587
 fea25384 uu_list_walk (80caec8, 8078432, 8047c18, 0, 8047c10, fefbdeb0) + cd
 080753bb lscf_bundle_import (80c9fa0, 80c8ee8, 80, 7ab92be, 80adf20, 80ae188) + 252
 0805d990 engine_restore (80c8ee8, 0, b8, ab929f4, b6, 80ccf60) + 54
 08088d7e yyparse  (80e0648, 3a10b7f8, 0, 3, 8047d4c, 3) + 8de
 0805c862 engine_exec (80e0648, 8096214, 800, 805bd37, 805bd29, 80a9000) + 33
 0805c183 main     (3, 8047d4c, 8047d5c, 808c680, 0, 0) + 146
 0805bb63 _start   (3, 8047e1c, 8047e2d, 8047e35, 0, 8047e46) + 83

mfst_pgroup is assumed to be set to something non-NULL here: https://github.com/illumos/illumos-gate/blob/master/usr/src/cmd/svc/svccfg/svccfg_libscf.c#L3968

Here is where the dereference happens: https://github.com/illumos/illumos-gate/blob/master/usr/src/cmd/svc/svccfg/svccfg_libscf.c#L3992

The fix is to have SMF create the property group if it’s missing.

Actions #1

Updated by Andrew Stormont almost 5 years ago

  • Description updated (diff)
Actions #3

Updated by Andrew Stormont almost 5 years ago

  • Description updated (diff)
Actions #4

Updated by Andrew Stormont almost 5 years ago

  • Subject changed from svccfg restore segfaults to svccfg restore segfaults in upgrade_manifestfiles
  • Description updated (diff)
Actions #5

Updated by Andrew Stormont almost 5 years ago

  • Description updated (diff)
Actions #6

Updated by Andrew Stormont almost 5 years ago

  • Description updated (diff)
Actions #7

Updated by Electric Monk almost 5 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

git commit a317d5f60cbb8b31bf3341744d7d938e7218e552

commit  a317d5f60cbb8b31bf3341744d7d938e7218e552
Author: Andrew Stormont <astormont@racktopsystems.com>
Date:   2017-01-30T21:31:35.000Z

    7806 svccfg restore segfaults in upgrade_manifestfiles
    Reviewed by: Toomas Soome <tsoome@me.com>
    Reviewed by: Jason King <jason.brian.king@gmail.com>
    Approved by: Dan McDonald <danmcd@omniti.com>

Actions

Also available in: Atom PDF