
Bug#1012658: redis: cjson not usable in current sid release


Fabian Sachara

Jun 11, 2022, 7:50:03 AM
Package: redis
Version: 5:6.0.16-4
Severity: important

Dear Maintainer,

I am currently using redis with rspamd, which uses Lua scripts in redis that rely on cjson.
For some reason cjson isn't available when using redis on my machine.

E.g. running

EVAL 'cjson.decode("{}")' 0

in my redis-cli results in

(error) ERR Error running script (call to f_358b937508335722d5ffc098351582c0fe28e64e): @enable_strict_lua:15: user_script:1: Script attempted to access nonexistent global variable 'cjson'

Dependencies lua-bitop and lua-cjson are installed in versions 1.0.2-5 and 2.1.0+dfsg-2.1 respectively.
Also liblua5.4-0 is installed in version 5.4.4-2

Please advise when I could provide any additional information to help resolve this issue.

-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-1-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages redis depends on:
ii redis-server 5:6.0.16-4

redis recommends no packages.

redis suggests no packages.

-- no debconf information

Chris Lamb

Jun 13, 2022, 1:40:03 PM
notfound 1012658 6.2.5-3
found 1012658 5:7.0.0-1
thanks

Hi Fabian,

> (error) ERR Error running script (call to
> f_358b937508335722d5ffc098351582c0fe28e64e): @enable_strict_lua:15:
> user_script:1: Script attempted to access nonexistent global variable
> 'cjson'

Interestingly, I couldn't reproduce this with 6.2.5-3 so I thought I'd
be a little stuck, but I can reproduce this with 7.0.0-1 which is now
in experimental.

(This is the version I plan to upload to unstable soon).


Regards,

--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org 🍥 chris-lamb.co.uk
`-

fab...@sachara.de

Jun 13, 2022, 3:30:03 PM

Hi Chris,

thanks for your support.

Just to let you know: I just compiled 6.2.6-1 from source and currently it works for me too.

Regards,

Fabian

On Mon, 13 Jun 2022 18:27:44 +0100 "Chris Lamb" <la...@debian.org> wrote:
> notfound 1012658 6.2.5-3
> found 1012658 5:7.0.0-1
> thanks
>
> Hi Fabian,
>
> >   (error) ERR Error running script (call to
> > f_358b937508335722d5ffc098351582c0fe28e64e): @enable_strict_lua:15:
> > user_script:1: Script attempted to access nonexistent global variable
> > 'cjson'
>
> Interestingly, I couldn't reproduce this with 6.2.5-3 so I thought I'd
> be a little stuck, but I can reproduce this with 7.0.0-1 which is now
> in experimental.
>
> (This is the version I plan to upload to unstable soon).
>
>
> Regards,
>
> --
>       ,''`.
>      : :'  :     Chris Lamb
>      `. `'`      la...@debian.org 🍥 chris-lamb.co.uk
>        `-

Chris Lamb

Jun 13, 2022, 4:40:03 PM
Hi Fabian,

> Just to let you know: I just compiled 6.2.6-1 from source and currently
> it works for me too.

I'm almost certain that this is related to the fix for #1005787 which
is not present in that "old" version. I'm CCing in Reginaldo Silva
(the original discoverer of that issue), and hope he can provide some
easy insight here.

Reginaldo, feel free to see the entire bug history at:

https://bugs.debian.org/1012658

Chris Lamb

Jun 14, 2022, 4:40:03 AM
Chris Lamb wrote:

> I'm almost certain that this is related to the fix for #1005787 which
> is not present in that "old" version.

Ah, my mistake: I think it's due to the Debian packaging reverting to
using the bundled version of Lua over the Debian-provided one. (This
is needed due to it having additional security features needed to
address CVE-2022-24735 and CVE-2022-24736.)

This means it is not finding the Debian version of
liblua5.1-cjson.so.0 or liblua5.1-bitop.so.0 under /lib. It works with
the Lua modules that we don't try and use the Debian version of, for
example:

$ redis-cli EVAL "cmsgpack.pack({})" 0
(nil)

I suspect there is some kind of require/import path that needs to be
adjusted for the bundled Lua (which is preconfigured to point under
/lib for Debian's shipped Lua). Or, we might have to revert entirely to
using the bundled cjson and bitop modules. :(
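
An added example, not part of the original thread or of the Debian packaging: a POSIX shell check that probes which Lua library globals a redis-server exposes to scripts, using the same EVAL approach as the commands quoted above. The `REDIS_EVAL` variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: report which Lua library globals a Redis server exposes to
# EVAL scripts. REDIS_EVAL is an assumption of this example: the command that
# talks to the server (default redis-cli); point it at a stub to test offline.
: "${REDIS_EVAL:=redis-cli}"

# Map one EVAL reply to present / missing / error.
classify_reply() {
    case "$1" in
        # Strict-globals error, as quoted in the bug report.
        *"nonexistent global variable"*) echo missing ;;
        # type() of a loaded library; redis-cli prints it bare when piped.
        table) echo present ;;
        # Connection failure, auth error, or anything unexpected.
        *) echo error ;;
    esac
}

# Ask the server for the Lua type of one global, e.g. cjson.
probe_lua_global() {
    reply=$($REDIS_EVAL EVAL "return type($1)" 0 2>&1) || true
    classify_reply "$reply"
}

# Probe the libraries named in the thread; `bit` is the global that the
# bitop module registers. Returns the number that are not present.
check_lua_libs() {
    not_ok=0
    for lib in cjson cmsgpack bit; do
        state=$(probe_lua_global "$lib")
        printf '%-9s %s\n' "$lib" "$state"
        [ "$state" = present ] || not_ok=$((not_ok + 1))
    done
    return "$not_ok"
}

# Run against the live server only when asked to: sh check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_lua_libs
fi
```

A non-zero exit status after a package upgrade means at least one library that scripts such as rspamd's depend on is no longer reachable from the embedded Lua.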

fab...@sachara.de

Jun 14, 2022, 8:00:04 AM
Hi Chris,

> I think it's due to the Debian packaging reverting to using the bundled version of Lua over the Debian-provided one.

I just compiled 6.0.16-4 from the current sid release, while reverting
https://salsa.debian.org/lamby/pkg-redis/-/commit/601dc9780d03d6cdbc8a834745259e84e1ce79f3

This resolves the problem, so your theory definitely seems right.

Kind regards,
Fabian

Chris Lamb

Jun 15, 2022, 3:00:03 AM

> thanks for your support.

No problem. Can you try 7.0.1-2 in experimental? :) I'm planning on
putting this version in Debian sid/unstable soon anyway.

fab...@sachara.de

Jun 15, 2022, 4:00:04 AM
Hi,

7.0.1-2 unfortunately doesn't work at all for me.

--- redis-server.log

355396:M 15 Jun 2022 09:43:50.504 # Server initialized

=== REDIS BUG REPORT START: Cut & paste starting from here ===
355396:M 15 Jun 2022 09:43:50.504 # Redis 7.0.1 crashed by signal: 11,
si_code: 1
355396:M 15 Jun 2022 09:43:50.504 # Accessing address: 0x56c44
355396:M 15 Jun 2022 09:43:50.504 # Crashed running the instruction at:
0x7f62a92c0da6

------ STACK TRACE ------
EIP:
/lib/x86_64-linux-gnu/libc.so.6(+0x99da6)[0x7f62a92c0da6]

Backtrace:
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12200)[0x7f62a9ee8200]
/lib/x86_64-linux-gnu/libc.so.6(+0x99da6)[0x7f62a92c0da6]
/lib/x86_64-linux-gnu/libc.so.6(+0x68618)[0x7f62a928f618]
/lib/x86_64-linux-gnu/libc.so.6(+0x79176)[0x7f62a92a0176]
/usr/bin/redis-server 127.0.0.1:6379(_serverLog+0xd1)[0x55c8ec3162c1]
/usr/bin/redis-server
127.0.0.1:6379(linuxMemoryWarnings+0xff)[0x55c8ec320e7f]
/usr/bin/redis-server 127.0.0.1:6379(main+0x275)[0x55c8ec30d1d5]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xcd)[0x7f62a924a7fd]
/usr/bin/redis-server 127.0.0.1:6379(_start+0x2a)[0x55c8ec30d82a]

Kind regards,
Fabian

Chris Lamb

Jun 16, 2022, 10:10:03 AM
Hey Fabian,

> 7.0.1-2 unfortunately doesn't work at all for me.

Ah, this is actually due to the new hardening features. I've fixed this here:

https://salsa.debian.org/lamby/pkg-redis/commit/80470e3dc0ae56db9c9512c38a1757844443bcfc

... and have uploaded 5:7.0.1-3 to Debian experimental. Can you
test it?

fab...@sachara.de

Jun 17, 2022, 7:50:04 AM
Hi Chris,

> ... and have uploaded 5:7.0.1-3 to Debian experimental. Can you test it?

I just compiled and tested 7.0.1-4 and it works fine for me 😊

Kind regards,
Fabian