Bug 222510

Summary: security/sudo: Immediate segfault when hostname is not defined
Product: Ports & Packages Reporter: Guangyuan Yang <ygy>
Component: Individual Port(s)Assignee: Renato Botelho <garga>
Status: Closed FIXED    
Severity: Affects Some People CC: andrew.pennebaker, brd, emaste, freebsd, freebsd, garga, pi, pprocacci, ygy
Priority: --- Flags: bugzilla: maintainer-feedback? (garga)
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Fix for empty hostname. none

Description Guangyuan Yang freebsd_committer freebsd_triage 2017-09-22 08:10:02 UTC 
I am running 12.0-CURRENT r323729 and sudo 1.8.21p2. Without setting a hostname (leave hostname="" in /etc/rc.conf), sudo will segfault immediately with no useful information given. Once set the hostname, sudo will work just fine.

This is probably a similar bug as described in https://forums.freebsd.org/threads/62311/ and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222115.

root@:~ # sudo
Segmentation fault

root@:~ # sudo --version
Sudo version 1.8.21p2
Configure options: --sysconfdir=/usr/local/etc --with-ignore-dot --with-tty-tickets --with-env-editor --with-logincap --with-long-otp-prompt --with-logfac=authpriv --with-bsm-audit --enable-nls --disable-noargs-shell --with-pam --prefix=/usr/local --localstatedir=/var --mandir=/usr/local/man --infodir=/usr/local/info/ --build=amd64-portbld-freebsd12.0
Segmentation fault
Comment 1 Martin Filla 2017-10-11 17:31:52 UTC 
Hi i am have same problem with sudo this my version OS and sudo
FreeBSD  11.0-RELEASE-p12 FreeBSD 11.0-RELEASE-p12 #0: Wed Aug  9 10:03:39 UTC 2017     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64

bsd@ ~> sudo --version
Sudo version 1.8.21p2
fish: 'sudo --version' terminated by signal SIGSEGV (Address boundary error)
Comment 2 pprocacci 2017-10-20 04:05:52 UTC 
Created attachment 187317 [details]
Fix for empty hostname.

Fix for empty hostname.
Comment 3 pprocacci 2017-10-20 04:08:24 UTC 
This is a bug in sudo.  I've submitted a bug report on your behalf:

https://bugzilla.sudo.ws/show_bug.cgi?id=807

In the meantime, if you can't wait for whatever reason, place the attached patch in security/sudo/files and remake the port.  After which it won't segfault any longer.

root@:/usr/ports/security/sudo # hostname

root@:/usr/ports/security/sudo # sudo echo test
test
Comment 4 Guangyuan Yang freebsd_committer freebsd_triage 2017-10-21 16:38:22 UTC 
Thanks @pprocacci for reporting this to upstream. Now that the author has confirmed the bug and made 2 commits to fix it, we just need to wait for the next release of security/sudo and update the port.

https://bugzilla.sudo.ws/show_bug.cgi?id=807
Comment 5 Brad Davis freebsd_committer freebsd_triage 2017-11-13 14:32:41 UTC 
*** Bug 222704 has been marked as a duplicate of this bug. ***
Comment 6 Brad Davis freebsd_committer freebsd_triage 2017-11-13 14:33:08 UTC 
*** Bug 222115 has been marked as a duplicate of this bug. ***
Comment 7 Brad Davis freebsd_committer freebsd_triage 2017-11-13 14:38:05 UTC 
Garga, can I commit this against security/sudo now to help out these users while we wait for upstream to release a new version?
Comment 8 Renato Botelho freebsd_committer freebsd_triage 2017-11-13 15:48:21 UTC 
(In reply to Brad Davis from comment #7)

Please, do it! Thank you!
Comment 9 commit-hook freebsd_committer freebsd_triage 2017-11-13 16:58:41 UTC 
A commit references this bug:

Author: brd
Date: Mon Nov 13 16:58:14 UTC 2017
New revision: 454126
URL: https://svnweb.freebsd.org/changeset/ports/454126

Log:
  Pull in an upstream patch for security/sudo to not coredump if the hostname is not set.

  PR:		222510
  Approved by:	garga

Changes:
  head/security/sudo/Makefile
  head/security/sudo/files/patch-bug222510
Comment 10 commit-hook freebsd_committer freebsd_triage 2017-11-13 20:46:46 UTC 
A commit references this bug:

Author: brd
Date: Mon Nov 13 20:46:23 UTC 2017
New revision: 454149
URL: https://svnweb.freebsd.org/changeset/ports/454149

Log:
  MFH:		r454126

  Pull in an upstream patch for security/sudo to not coredump if the hostname is not set.

  PR:		222510
  Approved by:	garga

  Approved by:	portmgr (swills)

Changes:
_U  branches/2017Q4/
  branches/2017Q4/security/sudo/Makefile
  branches/2017Q4/security/sudo/files/patch-bug222510
Comment 11 Brad Davis freebsd_committer freebsd_triage 2017-11-13 20:50:31 UTC 
New pkgs should be available in a couple days.
Comment 12 Guangyuan Yang freebsd_committer freebsd_triage 2017-11-14 02:09:22 UTC 
(In reply to Brad Davis from comment #11)

Thanks!!