Yes, this was discovered and advertised on the web page. The fix is in
svn and 2.2.6 will be released at the end of April.
Will Day wrote:
> In cfengine-2.2.5, I'm observing a segfault in CfSetUid at src/popen.c:704:
>
> if ((pw = getpwuid(uid)) == NULL) {
> snprintf(OUTPUT,CF_BUFSIZE,"Unable to get login groups when dropping
> privilege to %s=%d",pw->pw_name,uid);
> CfLog(cferror,OUTPUT,"initgroups");
> return false;
> }
>
> The snprintf tries to dereference pw, after pw was just tested and found to be
> NULL.
>
--
Mark Burgess
Web: http://www.iu.hio.no/~mark
Tlf: +47 22453272
_______________________________________________
Bug-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/bug-cfengine
