Crash on reload if a connection has unknown user/group
This affects the system bus (mostly).
To reproduce:
- Have a policy with group rules (provided by e.g. avahi)
- Create a user account
- As that user, create a connection to the system bus
- Delete the user account forcibly, without killing the process. ps then shows the plain uid instead of testuser.
- Trigger a reload (dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig)
- Trigger another reload
As script:
useradd -m testuser
su testuser -c "dbus-monitor --system" &
userdel -f testuser
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
The result is a crash due to a nullptr deref:
bus_client_policy_unref
bus_connections_reload_policy
process_config_every_time
...
(With asserts enabled it would abort instead)
In many places, dbus assumes that every connection has a non-null policy,
but this can happen in bus_connections_reload_policy, which logs a message
in that case and returns an error. At that point the connection is in an invalid
state already though and the next bus_connections_reload_policy crashes due to
the null policy.
Found by openQA: https://openqa.opensuse.org/tests/1931448#step/wine/14
A previous step of that test creates various user accounts for testing
the display manager and deletes them again. The "dangling" process is caused
by geoclue2's agent in /etc/xdg/autostart.
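
The failure mode described above, as an added example that is not part of the original report and is not dbus source: a simplified model in which a reload that fails part-way leaves a connection with a NULL policy, next to a variant that only swaps the policy in after the new one has been built. All type and function names here (Policy, Conn, policy_create, reload_fragile, reload_safe) are hypothetical, and the release-before-create ordering in the fragile variant is an assumption about how the invalid state can arise.

```c
#include <stdlib.h>
#include <stdbool.h>

/* Simplified model, not dbus code: every name below is hypothetical. */
typedef struct { int refcount; } Policy;
typedef struct { unsigned uid; bool uid_known; Policy *policy; } Conn;

/* Building a policy fails when the connection's user can no longer be
 * resolved (the account was deleted while the process kept running). */
static Policy *policy_create(const Conn *c) {
    if (!c->uid_known) return NULL;
    Policy *p = malloc(sizeof *p);
    if (p) p->refcount = 1;
    return p;
}

/* Like the code path in the backtrace, this assumes p is never NULL. */
static void policy_unref(Policy *p) {
    if (--p->refcount == 0) free(p);
}

/* Assumed fragile ordering: the old policy is released before the new one
 * is known to exist. On failure the function reports an error, but the
 * connection is already left with policy == NULL, and the next reload
 * would pass that NULL to policy_unref(). */
bool reload_fragile(Conn *conns, size_t n) {
    for (size_t i = 0; i < n; i++) {
        policy_unref(conns[i].policy);
        conns[i].policy = policy_create(&conns[i]);
        if (conns[i].policy == NULL) return false;
    }
    return true;
}

/* Build first, swap only on success. The invariant "policy != NULL" holds
 * on every path, so repeated reloads are safe even while errors persist. */
bool reload_safe(Conn *conns, size_t n) {
    bool ok = true;
    for (size_t i = 0; i < n; i++) {
        Policy *fresh = policy_create(&conns[i]);
        if (fresh == NULL) { ok = false; continue; }
        policy_unref(conns[i].policy);
        conns[i].policy = fresh;
    }
    return ok;
}
```

Keeping the previous policy for a connection whose user has disappeared is only one way to preserve the invariant; dropping that connection is another. Either way, the error path must not leave a live connection without a policy.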