1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Joseph Sutton 0e3ac110df CVE-2021-20251 tests/krb5: Convert password lockout tests to use os.fork() and os.pipe()
Running the password lockout tests on Fedora 35 occasionally results in
errors similar to the following:

    [1(0)/1 at 0s] samba.tests.krb5.lockout_tests(ad_dc:local)
    EPOLL_CTL_DEL EBADF for fde[0x5569dc76c670] mpx_fde[(nil)] fd[14] - disabling

    EPOLL_CTL_DEL EBADF for fde[0x5569dc6089c0] mpx_fde[(nil)] fd[14] - disabling

    EPOLL_CTL_DEL EBADF for fde[0x5569dbbe58e0] mpx_fde[(nil)] fd[14] - disabling

    UNEXPECTED(error): samba.tests.krb5.lockout_tests.samba.tests.krb5.lockout_tests.LockoutTests.test_lockout_race_kdc(ad_dc:local)
    REASON: Exception: Exception: concurrent.futures.process._RemoteTraceback:
    """
    Traceback (most recent call last):
      File "/usr/lib64/python3.10/concurrent/futures/process.py", line 243, in _process_worker
        r = call_item.fn(*call_item.args, **call_item.kwargs)
      File "/home/samba/src/bin/python/samba/tests/krb5/lockout_tests.py", line 141, in connect_kdc
        pipe.send_bytes(b'0')
      File "/usr/lib64/python3.10/multiprocessing/connection.py", line 205, in send_bytes
        self._send_bytes(m[offset:offset + size])
      File "/usr/lib64/python3.10/multiprocessing/connection.py", line 416, in _send_bytes
        self._send(header + buf)
      File "/usr/lib64/python3.10/multiprocessing/connection.py", line 373, in _send
        n = write(self._handle, buf)
    OSError: [Errno 9] Bad file descriptor
    """

    The above exception was the direct cause of the following exception:

    Traceback (most recent call last):
      File "/home/samba/src/bin/python/samba/tests/krb5/lockout_tests.py", line 537, in test_lockout_race_kdc
        self.do_lockout_race(connect_kdc)
      File "/home/samba/src/bin/python/samba/tests/krb5/lockout_tests.py", line 863, in do_lockout_race
        self.wait_for_ready(our_pipe, connect_future)
      File "/home/samba/src/bin/python/samba/tests/krb5/lockout_tests.py", line 471, in wait_for_ready
        raise exception
    OSError: [Errno 9] Bad file descriptor

Such messages can be seen to come from epoll_del_event(). By resorting
to lower-level facilites such as fork() and OS pipes, we lose helpful
features such as timeouts and propagation of exceptions from child
processes, but we may avoid interactions with the event system that lead
to failures.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2022-09-18 16:46:09 +00:00
..