Bug 15589

Summary: Relies on userdb cache being enabled
Product: dbus Reporter: Scott James Remnant <scott>
Component: coreAssignee: Havoc Pennington <hp>
Status: RESOLVED DUPLICATE QA Contact: John (J5) Palmieri <johnp>
Severity: normal    
Priority: medium CC: thoenig
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description Scott James Remnant 2008-04-18 12:54:48 UTC 
D-Bus relies on the userdb cache being enabled to be able to hold on to user info structures (which don't have refcounting).

Test case:
 1) disable the userdb cache
 2) start a minimal dbus server
 3) connect to it _from the same username_

The server will have already looked up its own username, and will be holding on to the info for that (to compare it against users coming in, I suspect).

When the new connection comes in, it will look up the username of *that*, which will invalidate the existing entry in the hash table.  Then when it compares the new info with the info of its own user, you'll be reading from free'd memory.

This could be partially fixed by not putting new info entries into the hash table, but then there'd be a memory leak for every time you looked one up, since it won't be clear who owns it.
Comment 1 Mark Seaborn 2009-03-17 08:22:43 UTC 

*** This bug has been marked as a duplicate of bug 17133 ***

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.