It is my opinion at this time that the bug is really in glibc. These functions like _nss_extrausers_endgrent() must share state from call to call, and therefore cannot possibly be thread safe.
Unfortunately, the fix of making the shared state thread-local could probably cause problems for callers which try to be careful when using these functions, but still take into account the globally shared state (which isn't global any more with the patch). For instance, if one thread calls _nss_extrausers_setgrent() under some lock, and another thread later calls _nss_extrausers_endgrent() under some lock, this would reasonably be expected to work, but it won't with the thread-local state.

getgrouplist() is documented as thread safe, while it calls these functions without locking. I think the fix should be made in glibc by adding appropriate locking there.

I have filed a report for glibc:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1923738

--
https://bugs.launchpad.net/bugs/1602264

Title:
  libvirtd crashes with double free or corruption (out)
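
The cross-thread case described in the comment above, as an added example that is not part of the original comment, of libnss-extrausers or of glibc. The `shared_*` and `tls_*` functions are hypothetical stand-ins for a module's set/end hooks: one keeps its state process-wide behind a mutex, the other keeps it thread-local.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for an NSS module's set/end hooks (not real code). */
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static char *shared_buf;             /* process-wide enumeration state */
static _Thread_local char *tls_buf;  /* per-thread enumeration state */

static void shared_set(void) {
    pthread_mutex_lock(&lock);
    if (!shared_buf) shared_buf = malloc(64);
    pthread_mutex_unlock(&lock);
}

/* Returns 1 if there was state to release. The lock makes the
 * check-free-clear sequence atomic, so two callers cannot both free. */
static int shared_end(void) {
    pthread_mutex_lock(&lock);
    int had = shared_buf != NULL;
    free(shared_buf);
    shared_buf = NULL;
    pthread_mutex_unlock(&lock);
    return had;
}

static void tls_set(void) { if (!tls_buf) tls_buf = malloc(64); }

static int tls_end(void) {
    int had = tls_buf != NULL;
    free(tls_buf);
    tls_buf = NULL;
    return had;
}

static void *thread_a(void *arg) { (void)arg; shared_set(); tls_set(); return NULL; }

/* Thread A calls set; the calling thread later calls end.
 * Bit 0: shared end released A's state. Bit 1: thread-local end did. */
int cross_thread_end(void) {
    pthread_t a;
    if (pthread_create(&a, NULL, thread_a, NULL) != 0) return -1;
    pthread_join(a, NULL);
    return shared_end() | (tls_end() << 1);
}

int main(void) {
    printf("cross_thread_end() = %d\n", cross_thread_end());
    return 0;
}
```

A result of 1 means only the mutex-protected shared variant released what thread A set up; the thread-local end call saw nothing, and thread A's buffer is never released.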