Bug 12647 - ncat segfault if virtmanager try to connect libvirt
Summary: ncat segfault if virtmanager try to connect libvirt
Status: CLOSED FIXED
Alias: None
Product: IPFire
Classification: Unclassified
Component: --- (show other bugs)
Version: 2
Hardware: x86_64 Unspecified
: - Unknown - - Unknown -
Assignee: Adolf Belka
QA Contact: Jonatan Schlag
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-06-24 07:30 UTC by Arne.F
Modified: 2021-10-05 11:09 UTC (History)
2 users (show)

See Also:


Attachments
patch file for testing of segfault fix (3.16 KB, patch)
2021-06-24 21:10 UTC, Adolf Belka
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Arne.F 2021-06-24 07:30:46 UTC
ncat 7.91 crash with segfault if virtmanager try to connect libvirt (ssh)
Comment 1 Michael Tremer 2021-06-24 10:08:27 UTC
I reverted this in master for now:

> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=addeeb1f79825fdf2e03c089d661686050b336d5
Comment 2 Adolf Belka 2021-06-24 10:54:12 UTC
So I have had a search on this in the nmap repository.

nmap-7.91 was released on Oct 10th 2020.

seg fault issue was identified on Oct 15th 2020.
https://github.com/nmap/nmap/issues/2154

patch to fix was committed on Oct 16th 2020

Issue was closed in nmap repository on Oct 16th 2020
818 closed issues in the nmap repository


I will create a patch to use the nmap patch and post it here in bugzilla so it can be tested and confirmed to solve the problem we are having.
Comment 3 Michael Tremer 2021-06-24 11:02:58 UTC
Sounds good. Thank you.
Comment 4 Adolf Belka 2021-06-24 12:21:05 UTC
Just to check.

I need to do my patch submission against master and not next as the reversion is showing up in master but not in next.
Comment 5 Michael Tremer 2021-06-24 12:25:28 UTC
Yes, please.
Comment 6 Adolf Belka 2021-06-24 21:10:16 UTC
Created attachment 914 [details]
patch file for testing of segfault fix

As per https://github.com/nmap/nmap/issues/2154
I ran the following commands with the old version of ncat-7.91

-bash-5.1$ touch /tmp/foo
-bash-5.1$ nc -U /tmp/foo 

and got the result

Segmentation fault


Then I uninstalled that version and installed the .ipfire package built with the patch from nmap/issues/2154

then re-ran

-bash-5.1$ nc -U /tmp/foo

and got

Ncat: Connection refused.

So the patch worked for me using the above commands.

If someone could try my IPFire build patch with the libvirt commands to confirm it also works with the issue that raised the bug in the first place. If it works then I will submit into the development mailing list.
Comment 7 cawfee 2021-06-24 21:11:37 UTC
if I remember correctly, the problem with me also occurred only after the last update of ncat.
Comment 8 Adolf Belka 2021-06-24 21:22:42 UTC
That's correct. The problem was caused in the 7.91 release of ncat (nmap).

ncat was reverted from 7.91 to 7.80 in the master repository.

I have then redone the update from 7.80 to 7.91 but including the patch created by the nmap team to fix this problem.
Comment 10 Peter Müller 2021-09-04 10:09:39 UTC
Resetting this back to ASSIGNED since the patch has not been merged yet.
Comment 11 Adolf Belka 2021-09-06 11:51:23 UTC
Patch has been merged into next - Core Update 160

https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=999b71cf47dc120eb1b0e558dc6a8dbbf66f7a17
Comment 13 Adolf Belka 2021-09-27 11:49:46 UTC
Tested out the fix in Core Update 160 Testing by doing:

-bash-5.1$ touch /tmp/foo
-bash-5.1$ nc -U /tmp/foo 

and got the result

Ncat: Connection refused.

and no longer Segmentation Fault.

This indicates that the problem has been fixed.

It would be good if someone using libvirt could try it with Core Update 160 Testing to confirm it solves the original problem.
Comment 14 Michael Tremer 2021-09-27 18:31:51 UTC
You can set the status to VERIFIED if there is sufficient feedback that this bug is fixed. I suppose one tester is enough for a segfault, but it might vary on other issues.