Ubuntu
gdm package

gdm XDMCP server crashes with Xwilling script

Bug #325774 reported by gcc
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gdm
Expired
High
gdm (Debian)
Fix Released
Unknown
gdm (Ubuntu)
Fix Released
Medium
Ubuntu Desktop Bugs
Declined for Hardy by Sebastien Bacher

Bug Description

Binary package hint: gdm

"gdm seems to crash when I put a Xwilling script in my /etc/gdm/
directory (or alternatively when I tell it to execute a script
elsewhere with my gdm.conf.) When an XDMCP query hits the server, I
see this line in /var/log/syslog, which indicates a crash:

Aug 19 23:31:59 beazley gdm[13615]: WARNING: main daemon: Got SIGABRT.
Something went very wrong. Going down!"

or alternatively (when build with debugging enabled):

*** glibc detected *** ./gdm-binary: double free or corruption (fasttop): 0x080f46c0 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6[0xb7629a85]
/lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb762d4f0]
/usr/lib/libglib-2.0.so.0(g_free+0x31)[0xb7750b51]
./gdm-binary[0x80825be]
./gdm-binary[0x8082c72]
./gdm-binary[0x8082d1c]
./gdm-binary[0x8082db5]
./gdm-binary[0x8085ee8]
/usr/lib/libglib-2.0.so.0[0xb777cfed]
/usr/lib/libglib-2.0.so.0(g_main_context_dispatch+0x176)[0xb7748cc6]
/usr/lib/libglib-2.0.so.0[0xb774c083]
/usr/lib/libglib-2.0.so.0(g_main_loop_run+0x1e7)[0xb774c467]
./gdm-binary[0x8052ec0]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb75d4450]
./gdm-binary[0x804faf1]

Bug reported upstream:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495797
http://bugzilla.gnome.org/show_bug.cgi?id=530585#c11

Patch attached to both issues, and here (note: only the g_free part of the patch is necessary to fix this crash).

Related branches

lp:ubuntu/lucid/gdm
Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :
Pedro Villavicencio (pedro)
Changed in gdm:
assignee: nobody → desktop-bugs
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :

Please note: the double free part of the patch has been applied upstream in Gnome. Please apply to Ubuntu
Hardy GDM.

Cheers, Chris.

http://bugzilla.gnome.org/show_bug.cgi?id=530585#c13

Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :

Upstream bug fixed in Debian by applying vendor patches, new version released (2.20.9-1), Debian bug closed.

Bug Watch Updater (bug-watch-updater)
Changed in gdm:
status: Unknown → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in gdm:
status: Unknown → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gdm - 2.20.9-0ubuntu1

---------------
gdm (2.20.9-0ubuntu1) jaunty; urgency=low

  * New upstream version:
    - Fix processing of configuration variables in GDM's cleanup function so
      that configuration options aren't checked after they are freed.
    - Fix for underquoted strings in comparisons in the Init script.
    - Update docs so that the PamStack configuration option is explained.
    - Correct processing of CONSOLE and PASSREQ /etc/default/login parameters
      so that they are checked each time a user logs in, and the most recent
      setting is used. Thus, if the value is changed, GDM honors it immediately.
    - Trusted Solaris integration now supports multilabel session entires.
    - Fix so that the gdm_ensure_sanity function is non-functional on Solaris.
      This function sets file permissions on sockets which are inappropriate o
      Solaris.
    - When using the Solaris ZFS filesystem, the ACL's are now properly set
      so that the "gdm" user has access to the sound device, so text-to-speech
      can work.
    - Fix for Solaris fbconsole launching code so that fbconsole is killed when
      the user logs out.
    - Use bourne-shell syntax in config/Xsession.solaris which is more portable.
    - Translation updates
  [ Debian changes ]
  * 51_xkb_init.patch: new patch, stolen upstream. Handle the case where
    XKB is not properly initialized.
  * 52_xdmcp_fixes.patch: new patch, stolen upstream. Fix a double free
    and improve error handling for XDMCP. Hopefully closes: #495797.
    (lp: #325774)

 -- Sebastien Bacher <email address hidden> Fri, 13 Mar 2009 12:45:34 +0100

Changed in gdm:
status: Triaged → Fix Released
Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :

Please could this bug fix be backported to Hardy? It's now in Debian Stable.

If there is no release manager for GDM, does that mean that nobody has authority to evaluate this bug and to decide whether to backport the fix, so it will never happen? If so, can I volunteer to be a release manager for gdm?

Bug Watch Updater (bug-watch-updater)
Changed in gdm:
status: Confirmed → Invalid
Bug Watch Updater (bug-watch-updater)
Changed in gdm:
importance: Unknown → High
status: Invalid → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.