proposed-migration for faketime 0.9.10-2.1ubuntu1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
bash (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
faketime (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
sssd (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
faketime 0.9.10-2.1ubuntu1 is stuck in -proposed with build failures on armhf.
On armhf, the testsuite confusingly fails with a stack smash error. But this error happens in bash, which isn't even meant to be the process under test.
Minimal reproducer:
# LD_PRELOAD=
*** stack smashing detected ***: terminated
Aborted (core dumped)
#
Confusingly, ltrace shows different results for the newly-built binary than from one built without 64-bit time_t.
# LD_PRELOAD=
bash->getrandom
bash->getrandom
*** stack smashing detected ***: terminated
--- SIGABRT (Aborted) ---
+++ killed by SIGABRT +++
# LD_PRELOAD=
bash->gettimeof
bash->getpid() = 819717
bash->gettimeof
bash->getpid() = 819717
bash->gettimeof
bash->getpid() = 819717
+++ exited (status 0) +++
#
Unsetting -DFAKE_RANDOM in debian/rules does not fix the problem however.
So simply loading the LD_PRELOAD library without executing it seems to be enough to break bash.
CVE References
Changed in faketime (Ubuntu): | |
assignee: | nobody → Steve Langasek (vorlon) |
assignee: | Steve Langasek (vorlon) → nobody |
description: | updated |
Changed in faketime (Ubuntu): | |
milestone: | none → ubuntu-24.04-beta |
Unsurprisingly, there are some symbol differences.
# diff -u <(objdump -T /usr/lib/ arm-linux- gnueabihf/ faketime/ libfaketime. so.1 | grep '\.text' | cut -b34- | sort -u) <(objdump -T ./src/libfaketi me.so.1 | grep '\.text' | cut -b34- | sort -u)@@ -1,50 +1,51 @@ nanosleep_ time64 monotonic_ fix cond_destroy cond_timedwait
Base __clock_gettime
+Base __clock_gettime64
+Base __clock_
+Base __fstat64_time64
Base __ftime
+Base __futimens64
Base __fxstat
Base __fxstat64
Base __fxstatat
Base __fxstatat64
Base __gettimeofday
+Base __lstat64_time64
Base __lxstat
Base __lxstat64
+Base __nanosleep64
+Base __ppoll64
+Base __pselect64
+Base __select64
+Base __sem_timedwait64
+Base __stat64_time64
Base __time
+Base __time64
+Base __timerfd_gettime64
+Base __timerfd_settime64
+Base __timespec_get64
+Base __utimensat64
Base __xstat
Base __xstat64
Base alarm
-Base clock_gettime
-Base clock_nanosleep
Base epoll_pwait
Base epoll_wait
-Base fstat
Base ftime
-Base futimens
Base getentropy
Base getpid
Base getrandom
Base gettimeofday
Base lock_for_stat
-Base lstat
-Base nanosleep
Base needs_forced_
Base poll
-Base ppoll
-Base pselect
Base pthread_
Base pthread_cond_init
Base pthread_
Base read_config_file
-Base select
-Base sem_timedwait
Base sleep
-Base stat
-Base time
-Base timerfd_gettime
-Base timerfd_settime
-Base timespec_get
+Base statx
Base unlock_for_stat
Base usleep
Base utime
-Base utimensat
Base utimes
GLIBC_2.2) timer_gettime
GLIBC_2.2) timer_settime
#
One or more of these functions may be broken under TIME_BITS=64. But we don't get far enough to figure that out?