Samba4 segfault
in [Samba]
|
Prev: [Samba] Winbind 3.5.2 caching issues under SLES11???
Next: [Samba] Can join AD 2003 domain; can't list shares from other servers
From: Andrew Bartlett on 22 Apr 2010 07:20 On Mon, 2010-04-19 at 16:46 +0200, Marcel Ritter wrote: > Hi, > > during my tests to use Samba4 as a kdc for kerberized NFS, > I found a bug in the KDC code, when generating a principal > without pac (e.g. with msktutil and option --no-pac), that > causes Samba4 to crash: > > Running the following command on one of the client machines > > msktutil -c --upn nfs/testa.linex.org -h testa.linex.org > --computer-name testa-service-nfs --server s4-dc1.linex.org --no-pac > > results in this gdb backtrace on the samba4 dc (s4-dc1.linex.org): > > Program received signal SIGSEGV, Segmentation fault. > 0x00000000005e82e6 in samba_make_krb5_pac () > Current language: auto; currently asm > (gdb) bt > #0 0x00000000005e82e6 in samba_make_krb5_pac () > #1 0x00000000004ce243 in samba_wdc_get_pac () > #2 0x000000000059290b in _kdc_pac_generate () > #3 0x0000000000588055 in _kdc_as_rep () > #4 0x00000000005922ec in kdc_as_req () > #5 0x000000000059258e in krb5_kdc_process_krb5_request () > #6 0x00000000005fc1dc in kdc_process () > #7 0x00000000005fc4bb in kdc_tcp_call_loop () > ... > > Looking at the code, the error is quite easy to find: > > source4/kdc/wdc-samba4.c: krb5_error_code samba_wdc_get_pac() > calls > > 1.) source4/kdc/pac-glue.c: samba_kdc_get_pac_blob() > > /* The user account may be set not to want the PAC */ > ... > *_pac_blob = NULL; > > and then calls > > 2. source4/kdc/pac-glue.c: samba_make_krb5_pac() > which tries to use uninitalized "pac_blob" and segfaults > > > A simple patch is attached that solved the problem for me. somehow, the patch didn't make it to the list. Can you make it with git format-patch (if possible) and attach it to a bug, or mail it to me. I would be delighted to include it in the tree, or otherwise fix this bug. (Sorry for the slow response, I normally expect Samba4 questions on samba-technical during this alpha phase). Thanks! Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. |