Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1451820

Summary: "setfacl --restore" fails due to use of uninitialized memory [el7]
Product: Red Hat Enterprise Linux 7 Reporter: Kamil Dudka <kdudka>
Component: aclAssignee: Kamil Dudka <kdudka>
Status: CLOSED ERRATA QA Contact: Eva Mrakova <emrakova>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.4CC: emrakova, kdudka, qe-baseos-security, rmetrich, sct
Target Milestone: rcKeywords: EasyFix, Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: acl-2.2.51-14.el7 Doc Type: No Doc Update
Doc Text:
undefined
 Story Points: ---
Clone Of: 1451801
: 1451826 (view as bug list) Environment:
Last Closed: 2018-04-10 13:13:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1451826    
Bug Blocks: 1420851, 1451801, 1465901, 1466365    

Description Kamil Dudka 2017-05-17 15:07:30 UTC 
+++ This bug was initially created as a clone of Bug #1451801 +++

Description of problem:

When using "setfacl --restore <aclfile>" command, the command may fail when setting ACLs because of the reading of unitialized memory, causing unexpected code path to be executed.

Requesting backport of http://git.savannah.gnu.org/cgit/acl.git/commit?id=33f01b5d

Version-Release number of selected component (if applicable):

acl-2.2.49-7.el6.x86_64

How reproducible:

Always on customer setup, never on mine.

Additional info:

Backporting http://git.savannah.gnu.org/cgit/acl.git/commit?id=33f01b5d fixed the issue.

--- Additional comment from Kamil Dudka on 2017-05-17 16:59:31 CEST ---

As discussed privately, this is easy and safe to backport.  Moreover, the fix is already verified in customer's environment.
Comment 11 errata-xmlrpc 2018-04-10 13:13:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0772