- Package:
- libfreerdp2-2
- Source:
- freerdp2
- Description:
- Free Remote Desktop Protocol library (core library)
- Submitter:
- Josh Triplett
- Date:
- 2025-01-19 01:51:19 UTC
- Severity:
- important
- Tags:
After upgrading libfreerdp2-2, authentication failures (mistyped password) started causing segfaults: May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080] [9277:9277] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_LOGON_FAILURE [0x00020014] May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080] [9277:9277] [ERROR][com.freerdp.core.rdp] - rdp_recv_callback: CONNECTION_STATE_NLA - nla_recv_pdu() fail May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080] [9277:9277] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1 May 11 11:41:29 jtriplet-mobl2 kernel: vinagre[9277]: segfault at 9 ip 00007fbc84bf6ab0 sp 00007ffc05377a40 error 4 in libfreerdp2.so.2.0.0[7fbc84b1c000+137000]
HI Josh,
I contacted one of the upstream authors on this.
Can you provide a gdb backtrace ("bt full") to get some more insight
what happens to vinagre?
Thanks,
Mike
Sure. I can easily reproduce this, just by entering an incorrect
username and password.
Thread 1 "vinagre" received signal SIGSEGV, Segmentation fault.
clear_context_free (clear=0x1) at ./libfreerdp/codec/clear.c:1216
1216 ./libfreerdp/codec/clear.c: No such file or directory.
(gdb) bt full
#0 0x00007ffff528bab0 in clear_context_free (clear=0x1) at ./libfreerdp/codec/clear.c:1216
clear = 0x1
#1 0x00007ffff522a9cd in codecs_free (codecs=0x555555dd62b0) at ./libfreerdp/core/codecs.c:213
#2 0x00007ffff5224c77 in freerdp_disconnect (instance=0x555555d14d00) at ./libfreerdp/core/freerdp.c:508
rc = 1
rdp = <optimized out>
#3 0x0000555555584769 in vinagre_rdp_tab_dispose (object=0x555555cfe920) at plugins/rdp/vinagre-rdp-tab.c:182
rdp_tab = 0x555555cfe920
priv = 0x555555cfe730
#4 0x00007ffff5be1e03 in g_object_unref () at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#5 0x00007ffff6b5da39 in gtk_container_remove () at /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#6 0x0000555555570748 in vinagre_notebook_close_tab (nb=0x555555b06230, tab=0x555555cfe920) at vinagre/vinagre-notebook.c:697
position = 0
notebook = 0x555555b06230
previous_active_tab = 0x555555cfe920
__func__ = "vinagre_notebook_close_tab"
#7 0x0000555555583074 in idle_close (tab=0x555555cfe920) at plugins/rdp/vinagre-rdp-tab.c:272
#8 0x00007ffff59030f5 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#9 0x00007ffff59034c0 in () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x00007ffff590354c in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x00007ffff5ec3cdd in g_application_run () at /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#12 0x00005555555655cf in main (argc=1, argv=0x7fffffffdf68) at vinagre/vinagre-main.c:196
app = 0x5555557e91a0
res = <optimized out>
Hi Josh, Forwarded upstream: https://github.com/FreeRDP/FreeRDP/issues/4647 Feedback from upstream was: unknown so far, needs investigation. Mike
Hi Josh, Is it possible for you to patch freerdp2 with this [1] patch and check if the issue is gone then? Thanks, Mike [1] https://github.com/FreeRDP/FreeRDP/pull/4648/files
Hello, Bug #898448 in freerdp2 reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/debian-remote-team/freerdp2/commit/5c62b4e3fd991ab2b6f916ecd3a83e2a2afb93bd ------------------------------------------------------------------------ debian/patches: Add 0001_nsc-context-free-must-not-access-uninit-fields.patch. Fixes segfault in Vinagre when user mistypes the password. (Closes: #898448).------------------------------------------------------------------------ (this message was generated automatically) -- Greetings https://bugs.debian.org/898448
We believe that the bug you reported is fixed in the latest version of
freerdp2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 898448@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mike Gabriel <mike.gabriel@das-netzwerkteam.de> (supplier of updated freerdp2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Tue, 15 May 2018 15:55:52 +0200
Source: freerdp2
Binary: freerdp2-x11 libfreerdp2-2 libfreerdp-client2-2 libfreerdp-server2-2 libwinpr2-2 libwinpr-tools2-2 libwinpr2-dev freerdp2-dev winpr-utils libfreerdp-shadow2-2 libfreerdp-shadow-subsystem2-2 freerdp2-shadow-x11 libuwac0-0 libuwac0-dev freerdp2-wayland
Architecture: source
Version: 2.0.0~git20180411.1.7a7b1802+dfsg1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>
Changed-By: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Description:
freerdp2-dev - Free Remote Desktop Protocol library (development files)
freerdp2-shadow-x11 - FreeRDP x11 shadowing server
freerdp2-wayland - RDP client for Windows Terminal Services (wayland client)
freerdp2-x11 - RDP client for Windows Terminal Services (X11 client)
libfreerdp-client2-2 - Free Remote Desktop Protocol library (client library)
libfreerdp-server2-2 - Free Remote Desktop Protocol library (server library)
libfreerdp-shadow-subsystem2-2 - FreeRDP Remote Desktop Protocol shadow subsystem libraries
libfreerdp-shadow2-2 - FreeRDP Remote Desktop Protocol shadow libraries
libfreerdp2-2 - Free Remote Desktop Protocol library (core library)
libuwac0-0 - Using wayland as a client library
libuwac0-dev - Using wayland as a client (development files)
libwinpr-tools2-2 - Windows Portable Runtime Tools library
libwinpr2-2 - Windows Portable Runtime library
libwinpr2-dev - Windows Portable Runtime library (development files)
winpr-utils - Windows Portable Runtime library command line utilities
Closes: 898448
Changes:
freerdp2 (2.0.0~git20180411.1.7a7b1802+dfsg1-2) unstable; urgency=medium
.
* debian/patches:
+ Add 0001_nsc-context-free-must-not-access-uninit-fields.patch. Fixes
segfault in Vinagre when user mistypes the password. (Closes: #898448).
Checksums-Sha1:
1bbc35eaf7e1288e65a64c985a60af6d5070ab7b 3720 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.dsc
5007145c8702ecb477630c861970c8616b547a03 40820 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.debian.tar.xz
d9378f110cb50050252a766245f45f7e1b4bf0d0 13581 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2_source.buildinfo
Checksums-Sha256:
81026b3a17bdc9dc4ae67520db1349222b254b55ed6a9d611cabeb072c43fb4c 3720 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.dsc
643b151a60fcb7451e4b576fbbe36e373b1e6b4683a70ae5fba4f8fd5c04e5d9 40820 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.debian.tar.xz
9965a7a206a4e5c881d30107691e1c7ef7c9da7ce9ca16d1e1d25d64b7f290c6 13581 freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2_source.buildinfo
Files:
da816f99655d81916e725a9c47819b59 3720 x11 optional freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.dsc
0cc56216869e267229702179bc208490 40820 x11 optional freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2.debian.tar.xz
dca000319a278fcbd8cdc7049ac19303 13581 x11 optional freerdp2_2.0.0~git20180411.1.7a7b1802+dfsg1-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJVBAEBCAA/FiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAlr66/MhHG1pa2UuZ2Fi
cmllbEBkYXMtbmV0endlcmt0ZWFtLmRlAAoJEJr0azAldxsxltcP+gIIFqz3gVyA
Upsv9g1omcRTKGsR2kfgpPNekJINh40MA6NMIIfeGElOSfz/wIB8CPjTFpI9Fn+u
M+sjwpEH4Bb8wvueRJeEac1nHfv6ayEfMEx5XCYon8pjcNil4eCPpfJ2GOqMJYr5
p9+A3hFtOCZu6iZJPMrpcDfUY3YpkUqW1BVjdiQufdDIh5ds3VEX12Age8lvEZhJ
nvcYQ77vIJQLdeHrP6EOrN8Qb39bz2qEBy8p6ww+AI8puMWW/cxd2B0kb8LK0LWB
g7YQ4Vz9jvu6eAr4unZktHJBcPy66z0gMtwXQFXnDpme8U2YQQHOQF66J29vRSh6
u3fsc2fqMnZoYGS0uP7jRZmBpjGfV47ppWYpiZK2entkcVEaa8aTjVy2/VbiiOzD
RnrONPdZOQQDD677YqFOGe4QGhr1rrrc5XKTOCsEll6ldMep1XNnM8qvLNuzvrXY
EY30G6KUmabVPl+67GbMoFXP+AANnT92eUOQno8sUrNWyLJzy+zpy82w0cg8Qrt4
Hs7u/Ap3/jVPnC32YlUD6uApMfg9eM9rjdJJYZCSrnfL5BOtnj5n34bv6kmGZqgw
kKlwrejdlwjmtBJfBMQ9SOKXVhOKced8qFG7tLzpT5ZoOfWb5jub4wn8dewphMq7
u/o9m0idMipsNIA2ILONtwt2V1wVfTml
=M3OX
-----END PGP SIGNATURE-----
reopen 898448 thanks I can still reproduce this segfault with the patched libfreerdp2-2 in current unstable.
Hi, I had more chat exchange with upstream and we both did some tests in Debian sid VMs with vinagre and freerdp2. akallabeth from FreeRDP2 posted on the upstream tracker: ``` found the issue, looks like vinagre does session disconnect regardless of connection state. The behaviour slightly changed since freerdp `1` and was buggy for quite some time in `2` (which is why this might have gone unnoticed) ``` And on IRC: ``` 11:34 < _akallabeth_> sunweaver: hmm, interesting, getting segfaults in different areas with a fresh debian sid 11:35 < _akallabeth_> sunweaver: starts to smell like there is something wrong in vinagre too 11:52 < _akallabeth_> sunweaver: ah, got it. 11:54 < _akallabeth_> looks like freerdp_disconnect is called regardless of connection success state 11:59 < _akallabeth_> sunweaver: so that calls freerdp_disconnect twice (once to clean up resources in connect and another time afterward) 12:03 < _akallabeth_> same for gdi_init/gdi_free, that is handled optimistic in vinagre (post disconnect may never fail, not even the library internals) ``` In vinagre, the gdi_free and context_disconnect functions should only be called if there is something to disconnect or to free... Thus, reassigning to vinagre with this message. Thanks! Hope that helps, Mike
Hello, Bug #898448 in freerdp2 reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below, and you can check the diff of the fix at: https://salsa.debian.org/debian-remote-team/freerdp2/commit/5c62b4e3fd991ab2b6f916ecd3a83e2a2afb93bd ------------------------------------------------------------------------ debian/patches: Add 0001_nsc-context-free-must-not-access-uninit-fields.patch. Fixes segfault in Vinagre when user mistypes the password. (Closes: #898448).------------------------------------------------------------------------ (this message was generated automatically) -- Greetings https://bugs.debian.org/898448
Dear maintainers,
With libfreerdp2-2 2.0.0~git20180411.1.7a7b1802+dfsg1-2+b1 and vinagre
3.22.0-5, I get a very similar crash if the target host is unreachable
or does not have RDP open.
When running in gdb, an "Error connecting to host." dialog pops up and
vinagre immediately segfaults afterwards.
The backtrace is as follows:
(gdb) bt full
#0 clear_context_free (clear=0x1) at ./libfreerdp/codec/clear.c:1216
i = <optimized out>
clear = 0x1
i = <optimized out>
i = <optimized out>
#1 0x00007ffff6d8b67d in codecs_free (codecs=0x555555de8560) at
./libfreerdp/core/codecs.c:213
No locals.
#2 0x00007ffff6d85907 in freerdp_disconnect (instance=0x555555dd0ff0)
at ./libfreerdp/core/freerdp.c:508
rc = 1
rdp = <optimized out>
#3 0x0000555555584769 in vinagre_rdp_tab_dispose
(object=0x555555c8a880) at plugins/rdp/vinagre-rdp-tab.c:182
rdp_tab = 0x555555c8a880
priv = 0x555555c8a690
#4 0x00007ffff734dc13 in g_object_unref () from
/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#5 0x00007ffff78e0099 in gtk_container_remove () from
/usr/lib/x86_64-linux-gnu/libgtk-3.so.0
No symbol table info available.
#6 0x0000555555570748 in vinagre_notebook_close_tab (nb=0x555555b6e240,
tab=0x555555c8a880) at vinagre/vinagre-notebook.c:697
position = 0
notebook = 0x555555b6e240
previous_active_tab = 0x555555c8a880
__func__ = "vinagre_notebook_close_tab"
#7 0x0000555555583074 in idle_close (tab=0x555555c8a880) at
plugins/rdp/vinagre-rdp-tab.c:272
No locals.
#8 0x00007ffff7268ae8 in g_main_context_dispatch () from
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#9 0x00007ffff7268ed8 in ?? () from
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#10 0x00007ffff7268f6c in g_main_context_iteration () from
/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#11 0x00007ffff742f13d in g_application_run () from
/usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
No symbol table info available.
#12 0x00005555555655cf in main (argc=1, argv=0x7fffffffe118) at
vinagre/vinagre-main.c:196
app = 0x5555557ed1a0
res = <optimized out>
Best,
James
this should be solved in freerdp2 2.0.0-rc3, patch was also applied in 2.0.0~git20181120.1.e21b72c95+dfsg1-1, can confirm please that is not reproducible anymore in buster, testing or sid?
Can confirm that is crashes on buster (LTS).
A quick test: It does NOT crash on sid, so I'll mark the version in sid as "fixed", but leave it up to the maintainer to close the bug.
Dear submitter, as the package freerdp2 has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1093460 The version of this package that was in Debian prior to this removal can still be found using https://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org. Debian distribution maintenance software pp. Paul Tagliamonte (the ftpmaster behind the curtain)