RE: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)

From: Howard Chu (hyc at highlandsun dot com)
Date: Fri Mar 19 2004 - 03:13:32 EST

  • Next message: Andreas: "Re: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"

    > -----Original Message-----
    > From: owner-cyrus-sasl at lists dot andrew dot cmu dot edu
    > [mailto:owner-cyrus-sasl at lists dot andrew dot cmu dot edu]On Behalf Of Andreas

    > I know that sasl-1.5.x is deprecated, but please bear with
    > me. At this time,
    > I can't upgrade this system to cyrus-sasl-2.1.x.

    I'm not familiar with MALLOC_CHECK setting. I would use something like
    ElectricFence, FunctionCheck, or Valgrind to trace this; it is most likely a
    redundant free().

    > I'm getting the following segfault when using ldapwhoami (or
    > any other ldap* tool
    > from openldap) with digest-md5:

    > 0x4035d756 in free () from /lib/libc.so.6
    > (gdb) bt
    > #0 0x4035d756 in free () from /lib/libc.so.6
    > #1 0x4005f30e in ber_memfree (p=0x804c16d) at memory.c:143
    > #2 0x4001a24c in free_prompts (params=0x804eb20,
    > prompts=0x804ed80) at digestmd5.c:3300
    > #3 0x4001a93d in c_continue_step (conn_context=0x804ee10,
    > params=0x804eb20, serverin=0x0,
    > serverinlen=134541488, prompt_need=0xbfffef04,
    > clientout=0xbfffef0c, clientoutlen=0xbfffeef4,
    > oparams=0x804ea88) at digestmd5.c:3705
    > #4 0x4006ca19 in sasl_client_step (conn=0x0,
    > serverin=0x804eec8
    > "realm=\"teste10.distro.conectiva\",nonce=\"RGLB4ylyXmUNvWVfme
    mGynHwDCKjiCZyxruM5M99S4A=\",qop=\"auth,auth-int,auth-conf\",cipher=\"rc4-40,
    rc4-56,rc4> \",charset=utf-8,algorithm=md5-sess",
    > serverinlen=175, prompt_need=0x8000000,
    > clientout=0x8000000, clientoutlen=0x8000000) at client.c:702
    > #5 0x40035889 in ldap_int_sasl_bind () from /usr/lib/libldap.so.2
    > #6 0x400380e4 in ldap_sasl_interactive_bind_s () from
    > /usr/lib/libldap.so.2
    > #7 0x0804a3e3 in tool_bind (ld=0x804e5f8) at common.c:674
    > #8 0x080492fc in main (argc=134539568, argv=0xbffff034) at
    > ldapwhoami.c:121
    > #9 0x40307522 in __libc_start_main () from /lib/libc.so.6
    >
    > I inserted this debug printfs in the free_prompts loop:
    > do {
    > printf("ptr=%p, ptr->result=%p\n", ptr, ptr->result);
    > <===========
    > if (ptr->result != NULL)
    > params->utils->free(ptr->result);
    >
    > ptr++;
    > } while (ptr->id != SASL_CB_LIST_END);
    >
    >
    > With MALLOC_CHECK_=1:
    >
    > # export MALLOC_CHECK_=1
    > $ ldapwhoami
    > malloc: using debugging hooks
    > SASL/DIGEST-MD5 authentication started
    > Please enter your password:
    > ptr=0x804f110, ptr->result=0x804e978
    > ptr=0x804f128, ptr->result=0x804c14d
    > free(): invalid pointer 0x804c14d!
    > ptr=0x804f140, ptr->result=0x804f370
    > SASL username: andreas
    > SASL realm: teste10.distro.conectiva
    > SASL SSF: 128
    > SASL installing layers
    > dn:uid=andreas,cn=teste10.distro.conectiva,cn=digest-md5,cn=auth
    > free(): invalid pointer 0x804e978!
    > free(): invalid pointer 0x804f370!
    >
    >
    > The first prompt structure is "Authentication Name", the
    > second one is "Authorization Name"
    > (where it segfaults) and the third one is "Password".
    >
    > Any hints on where I should look? Or is the problem obvious
    > to someone familiar with sasl?

      -- Howard Chu
      Chief Architect, Symas Corp. Director, Highland Sun
      http://www.symas.com http://highlandsun.com/hyc
      Symas: Premier OpenSource Development and Support


  • Next message: Andreas: "Re: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD