On Wednesday, May 29, 2019 11:57:48 AM EDT Steve Grubb wrote:
Hello,
On Wednesday, May 22, 2019 4:08:06 PM EDT Zephyr Pellerin wrote:
> While running `aureport -tm', I recieved a segmentation fault, I won't be
> able to attach the core dump but I've tried include rudimentary
> information about the crash.
Out of curiosity, which version of the audit package is doing this? And
what C library is aureport linked with?
I think I found it. It should be fixed by this commit:
https://github.com/linux-audit/audit-userspace/commit/
cd06bc803355a535104c057370f7960c11aeef8f
Looks like sudo is sending malformed events. I'll look into that and see if I
can also get that fixed, too.
-Steve
It looks like we have an unterminated string somewhere. IOW, it's
picked
this up somewhere and you're seeing the effect on output which isn't
helpful. If this is reproducible, can you narrow down the event that is
causing this by altering the start and end times to see if you can get it
down to a couple events? That would be helpful if you can.
Thanks,
-Steve
> - Backtrace
>
> #0 0x00007ff3d7bbf8a1 in __strlen_avx2 () from /lib64/libc.so.6
> #1 0x000055b44a62f304 in safe_print_string ()
> #2 0x000055b44a62dbd6 in print_per_event_item ()
> #3 0x000055b44a62c709 in per_event_processing ()
> #4 0x000055b44a62184c in process_log_fd ()
> #5 0x000055b44a621c78 in process_logs ()
> #6 0x000055b44a621597 in main ()
--
Linux-audit mailing list
Linux-audit(a)redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit