Comment 4 for bug 1565567

Eric Desrochers (slashd) wrote :

The segmentation fault[1] is due to a NULL pointer dereference[2] at sudo-1.8.16/plugins/sudoers/pwutil.c[3]

[1] Core was generated by `sudo bash'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007fa01c0a6944 in sudo_getgrgid (gid=7241)
at /build/sudo-g3ghsu/sudo-1.8.16/plugins/sudoers/pwutil.c:462
462 /build/sudo-g3ghsu/sudo-1.8.16/plugins/sudoers/pwutil.c: No such file or directory.

[2] (gdb) p item->d.gr
$1 = (struct group *) 0x0

[3] - sudo-1.8.16/plugins/sudoers/pwutil.c:462
449  * Get a group entry by gid and allocate space for it.
450  */
451 struct group *
452 sudo_getgrgid(gid_t gid)
453 {
454     struct cache_item key, *item;
455     struct rbnode *node;
456     debug_decl(sudo_getgrgid, SUDOERS_DEBUG_NSS)
457
458     key.k.gid = gid;
459     getauthregistry(NULL, key.registry);
460     if ((node = rbfind(grcache_bygid, &key)) != NULL) {
461         item = node->data;
462         sudo_debug_printf(SUDO_DEBUG_DEBUG,
463             "%s: gid %u [%s] -> group %s [%s] (cache hit)", __func__,
464             (unsigned int)gid, key.registry, item->d.gr->gr_name,
465             item->registry);
466         goto done;
467     }

Three months ago, additional debugging for pwutil functions was introduced[4] upstream.
The addition is exactly where the segfault happens. I think it is worth looking at this commit as a starting point.

[4] https://www.sudo.ws/repos/sudo/rev/908b83c3acbb

changeset 10331:908b83c3acbb
Additional debugging for pwutil functions.
author Todd C. Miller <email address hidden>
date Fri, 22 Jan 2016 17:04:59 -0700 (3 months ago)
parents 5a2921412663
children 5113a3c04494
files plugins/sudoers/pwutil.c
...

Thanks,
Eric
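
Added example, not part of the original comment and not sudo's own code: a minimal C sketch of the cache-hit logging pattern with the group pointer checked before it is dereferenced. The struct layout, the function names, the sample entries and the "unknown" placeholder are assumptions of this example, as is the reading that a NULL group pointer marks a cached lookup that found no group.

```c
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Simplified stand-in for sudo's cache_item; the layout is hypothetical. */
struct cache_item_demo {
    gid_t gid;
    struct group *gr;      /* NULL when the cached lookup found no group */
    char registry[16];
};

/* Constructed sample entries: one resolved group, one cached miss. */
static char demo_name[] = "staff";
static struct group demo_group = { .gr_name = demo_name, .gr_gid = 50 };
static struct cache_item_demo demo_hit = { 50, &demo_group, "files" };
static struct cache_item_demo demo_miss = { 7241, NULL, "files" };

/* Name to log for a cache entry; never dereferences a NULL gr. */
const char *cached_group_name(const struct cache_item_demo *item)
{
    return item->gr != NULL ? item->gr->gr_name : "unknown";
}

/* Builds the cache-hit debug line; returns a static buffer (not reentrant). */
const char *cache_hit_message(const struct cache_item_demo *item)
{
    static char buf[128];

    snprintf(buf, sizeof(buf), "gid %u [%s] -> group %s [%s] (cache hit)",
        (unsigned int)item->gid, item->registry,
        cached_group_name(item), item->registry);
    return buf;
}

int main(void)
{
    puts(cache_hit_message(&demo_hit));
    puts(cache_hit_message(&demo_miss));
    return 0;
}
```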