2018-06-17 23:37 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004459Kali Linux[All Projects] General Bugpublic2018-01-23 10:14
Reporterpkreuzt 
Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionfixed 
Product Version2017.3 
Target VersionFixed in Version2018.1 
Summary0004459: nm-applet segfaults when conneting to a VPN provider
DescriptionOnce the VPN is selected, it asks for root password (I'm using a non-root account for normal operation) and then crashes. The VPN connection is not completed. When launching nm-applet from console to see errors it only says "segfault".
Steps To Reproduce1. Configure a VPN
2. Click on nm-applet and select that VPN
Attached Files
  • patch file icon a52ccb2fe170558fc0aab4dd1d15ba8808b10951.patch (2,628 bytes) 2018-01-23 10:00 -
    From a52ccb2fe170558fc0aab4dd1d15ba8808b10951 Mon Sep 17 00:00:00 2001
    From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
    Date: Thu, 21 Dec 2017 20:36:48 +0100
    Subject: shared/compat: fix memory handling of nm_setting_vpn_get_*_keys()
    
    The previous fix was bad because the keys do not come from NMSettingVpn's hash
    table but are copies that are freed by nm_setting_vpn_foreach_* before
    it returns.
    
    [thaller@redhat.com: import shared code from NetworkManager, merging
    three patches together.]
    
    Fixes: e93ca7fc129ec0f29f5313a3aa12839914df8fa2
    Fixes: 0c90e08f77b71d2bda699cf032fceec0122bbf82
    
    https://mail.gnome.org/archives/networkmanager-list/2017-December/msg00069.html
    https://mail.gnome.org/archives/networkmanager-list/2017-December/msg00070.html
    ---
     shared/nm-utils/nm-compat.c | 29 ++++++++++++++++++++++-------
     1 file changed, 22 insertions(+), 7 deletions(-)
    
    diff --git a/shared/nm-utils/nm-compat.c b/shared/nm-utils/nm-compat.c
    index 47035e6..90328c0 100644
    --- a/shared/nm-utils/nm-compat.c
    +++ b/shared/nm-utils/nm-compat.c
    @@ -30,7 +30,7 @@ _get_keys_cb (const char *key, const char *val, gpointer user_data)
     {
     	GPtrArray *a = user_data;
     
    -	g_ptr_array_add (a, (gpointer) key);
    +	g_ptr_array_add (a, g_strdup (key));
     }
     
     static const char **
    @@ -40,22 +40,37 @@ _get_keys (NMSettingVpn *setting,
     {
     	guint len;
     	const char **keys = NULL;
    -	gs_unref_ptrarray GPtrArray *a = NULL;
    +	GPtrArray *a;
     
     	nm_assert (NM_IS_SETTING_VPN (setting));
     
    -	a = g_ptr_array_new ();
    +	if (is_secrets)
    +		len = nm_setting_vpn_get_num_secrets (setting);
    +	else
    +		len = nm_setting_vpn_get_num_data_items (setting);
    +
    +	a = g_ptr_array_sized_new (len + 1);
    +
     	if (is_secrets)
     		nm_setting_vpn_foreach_secret (setting, _get_keys_cb, a);
     	else
     		nm_setting_vpn_foreach_data_item (setting, _get_keys_cb, a);
    -	len = a->len;
     
    -	if (a->len) {
    +	len = a->len;
    +	if (len) {
     		g_ptr_array_sort (a, nm_strcmp_p);
     		g_ptr_array_add (a, NULL);
    -		keys = (const char **) g_ptr_array_free (g_steal_pointer (&a), FALSE);
    -	}
    +		keys = g_memdup (a->pdata, a->len * sizeof (gpointer));
    +
    +		/* we need to cache the keys *somewhere*. */
    +		g_object_set_qdata_full (G_OBJECT (setting),
    +		                         is_secrets
    +		                         ? NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_secret_keys")
    +		                         : NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_data_keys"),
    +		                         g_ptr_array_free (a, FALSE),
    +		                         (GDestroyNotify) g_strfreev);
    +	} else
    +		g_ptr_array_free (a, TRUE);
     
     	NM_SET_OUT (out_length, len);
     	return keys;
    -- 
    cgit v0.12
    
    
    patch file icon a52ccb2fe170558fc0aab4dd1d15ba8808b10951.patch (2,628 bytes) 2018-01-23 10:00 +

-Relationships
+Relationships

-Notes

~0007811

thegru (reporter)

I'm also experiencing similar issue, but my VPN connection succeeds. nm-applet just disappears from process list and from status bar.

Here's my backtrace:

# *** Error in `nm-applet': free(): invalid pointer: 0x000055c697082e80 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x722fb)[0x7f04d6cd52fb]
/lib/x86_64-linux-gnu/libc.so.6(+0x7895e)[0x7f04d6cdb95e]
/lib/x86_64-linux-gnu/libc.so.6(+0x791be)[0x7f04d6cdc1be]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_strfreev+0x29)[0x7f04d728f449]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_datalist_clear+0x6b)[0x7f04d725245b]
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0(g_object_unref+0x1a2)[0x7f04d754cea2]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x38e41)[0x7f04d725ce41]
/usr/lib/x86_64-linux-gnu/libnm.so.0(+0x62187)[0x7f04d84ce187]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_datalist_clear+0x6b)[0x7f04d725245b]
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0(g_object_unref+0x1a2)[0x7f04d754cea2]
nm-applet(+0x1629c)[0x55c69542129c]
nm-applet(+0x198fc)[0x55c6954248fc]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x47724)[0x7f04d726b724]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x155)[0x7f04d726ee15]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x4b1e0)[0x7f04d726f1e0]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x2c)[0x7f04d726f26c]
/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0(g_application_run+0x1fd)[0x7f04d782cbed]
nm-applet(+0x101b1)[0x55c69541b1b1]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f04d6c83561]
nm-applet(+0x102da)[0x55c69541b2da]

~0007818

sbrun (manager)

related to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885525 (with a patch)
and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886152

~0007852

roadkill (reporter)

This is an upstream bug, patch attached

~0007853

sbrun (manager)

it's fixed in version 1.8.10-2 now in kali-rolling.
+Notes

-Issue History
Date Modified Username Field Change
2018-01-08 19:59 pkreuzt New Issue
2018-01-15 10:53 thegru Note Added: 0007811
2018-01-15 13:53 sbrun Status new => confirmed
2018-01-15 13:53 sbrun Note Added: 0007818
2018-01-23 10:00 roadkill File Added: a52ccb2fe170558fc0aab4dd1d15ba8808b10951.patch
2018-01-23 10:00 roadkill Note Added: 0007852
2018-01-23 10:14 sbrun Status confirmed => resolved
2018-01-23 10:14 sbrun Resolution open => fixed
2018-01-23 10:14 sbrun Fixed in Version => 2018.1
2018-01-23 10:14 sbrun Note Added: 0007853
+Issue History