Bug 223335 - security/oidentd: SIGSEV when a lookup arrives
Summary: security/oidentd: SIGSEV when a lookup arrives
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Some People
Assignee: Oliver Lehmann
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-31 12:06 UTC by nico
Modified: 2018-12-28 15:37 UTC (History)
2 users (show)

See Also:
tobik: maintainer-feedback?


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description nico 2017-10-31 12:06:29 UTC
11.1-RELEASE-p2 / amd64 / IPv6

security/oidentd-2.0.8_2 from ports (IPV6=yes, didn't test without) SIGSEV's for me when a lookup arrives.

root@997:~ # /usr/local/sbin/oidentd -C /usr/local/etc/oidentd.conf -di
Connection from 2001:708:40:2001::f5ee:d0de:54994
Caught SIGSEGV

The package version oidentd-2.0.8_2.txz works fine for me:

root@997:~ # /usr/local/sbin/oidentd -C /usr/local/etc/oidentd.conf -di
Connection from 2001:708:40:2001::f5ee:d0de:38756
[2001:708:40:2001::f5ee:d0de] Successful lookup: 34558 , 6697 : nico (nico)

Pretty standard system, no special make.conf besides WITH_SSP_PORTS=yes
Comment 1 henrikes-fbsdbugzilla 2017-11-16 08:43:08 UTC
I've also stumbled upon this bug.
IPv4 requests gets the response without issues, but IPv6 causes SIGSEGV.
Comment 2 Tobias Kortkamp freebsd_committer 2018-03-11 14:19:27 UTC
Fix bug title and assign maintainer manually.
Comment 3 henrikes-fbsdbugzilla 2018-08-15 10:22:32 UTC
The bug is now also seen in 11.2-RELEASE after installing oidentd-2.0.8_2.txz 

As I am a novice, I have no clue, but if I install an older version that I found in my cache, then it works as expected.

31800 Aug  8 18:23 oidentd-2.0.8_2-5011e8b44f.txz - does not work
31996 Nov  5  2017 oidentd-2.0.8_2-e88e625fb8.txz - works
Comment 4 nico 2018-12-28 15:19:15 UTC
BTW the version 2.0.8 is VERY outdated, the project seems to be maintained at GitHub now: https://github.com/janikrabe/oidentd/releases
Comment 5 nico 2018-12-28 15:37:58 UTC
I've upgraded to 2.3.1 (+removed files/patch-*) and tried again, it works now.

However dropping privs to nobody/nogroup will break it again so it has to run as root.