search

hercules-team / augeas

A configuration editing tool and API
http://augeas.net/
GNU Lesser General Public License v2.1
486 stars 199 forks source link

Segmentation fault in aug_save if file not writeable #178

Closed stromnet closed 9 years ago

stromnet commented 9 years ago

Hi, I noticed that aug_save will segfault if the target file is not writeable.

FreeBSD 10.0 augeas 1.2.0 (1.3.0 tested too, same issue)

Minimal test case:

#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/stat.h>
#include <augeas.h>
int main(int argc, char **argv) {
    const char *pth = "/tmp/unwritable.conf";

    augeas *aug = aug_init("/", NULL, 0);
    aug_set(aug, "/augeas/load/IniFile/lens", "puppet.lns");
    aug_set(aug, "/augeas/load/IniFile/incl[1]", pth);
    aug_load(aug);

    int fh = open(pth, O_WRONLY|O_CREAT);
    write(fh, "[test]\nkey=0\n", 16);
    close(fh);

    chmod(pth, 0); // with 0644 the file is properly updated

    aug_set(aug, "/files/tmp/unwritable.conf/test/key", "test");

    aug_save(aug);
    aug_close(aug);

    return 0;
 }

Built with:

cc -O test.c -o test -I /usr/local/include -I /usr/local/include/libxml2  -L /usr/local/lib -l augeas

Executed under GDB:

Program received signal SIGSEGV, Segmentation fault.
0x000000080084626f in __aug_close_memstream () from /usr/local/lib/libaugeas.so.0
(gdb) where
#0  0x000000080084626f in __aug_close_memstream () from /usr/local/lib/libaugeas.so.0
#1  0x0000000800845f1f in __aug_close_memstream () from /usr/local/lib/libaugeas.so.0
#2  0x00000008008251b0 in aug_save () from /usr/local/lib/libaugeas.so.0
#3  0x000000080082519e in aug_save () from /usr/local/lib/libaugeas.so.0
#4  0x0000000800824f50 in aug_save () from /usr/local/lib/libaugeas.so.0
#5  0x0000000000400af5 in main ()
(gdb)
raphink commented 9 years ago

ping @lutter

stromnet commented 9 years ago

Just tested, on Debian 7.7 with libaugeas 0.10.0-1 it does not occur, and with manually built 1.3.0 it does not occur either.

Side note: This issue was found after trying to re-create an situation where python-augeas sometimes reported success and sometimes reported failure, when trying to aug_save() a file which was not writable by the user running the code.

At first glance, before realising that it was bad permissions that was the cause, it looked very similar to what is described in this post: https://www.redhat.com/archives/augeas-devel/2008-November/msg00000.html . I.e, calling save again "seemed" to work (but most likely did not actually update the file). I was not able to reproduce this on FreeBSD, but found the above instead.

lutter commented 9 years ago

Thanks for the very thorough bug report (and shame on me for not acting on it earlier)

This is no fixed as of 0fb290bd