Re: Crash while freeing data.

sasikumar bodathula sasikumar.b at rediffmail.com
Thu May 23 02:46:43 EDT 2013


Hi,
   Tried valgrind but was not successful since our application does not start with valgrind. Tried with GDB and found the source.

Trace is:-

#0  0x00007f8f34cb529b in raise () from /lib64/libc.so.6
#1  0x00007f8f34cb67f3 in abort () from /lib64/libc.so.6
#2  0x00007f8f34cf1c28 in __libc_message () from /lib64/libc.so.6
#3  0x00007f8f34cf71b8 in malloc_printerr () from /lib64/libc.so.6
#4  0x00007f8f34cf8d76 in free () from /lib64/libc.so.6
#5  0x00007f8f2ba04e3a in cms_signeddata_create (context=0x56a23c0, plg_cryptoctx=0x56a4bb0, req_cryptoctx=0x56a5160, id_cryptoctx=0x56a5180, cms_msg_type=0, 
    include_certchain=1, 
    data=0x56a5bf0 "0|�<0:�\005\002\003\002�,�\021\030\01720130523063813Z�\006\002\004d�'l�\026\004\024��\235��\0316�,\034�\226xQ�\004�\022���\0160\f0\n\006\b*\206H\206�\r\003\a�,0*0\f�\n\006\b+\006\001\005\002\003\006\0020\f�\n\006\b+\006\001\005\002\003\006\0010\f�\n\006\b+\006\001\005\002\003\006\003", data_len=126, 
    signed_data=0x56a5b28, signed_data_len=0x56a5b24) at pkinit_crypto_openssl.c:1195


Crash Reason:-

In the function cms_signeddata_create we have a pointer called abuf which is initialized to NULL. 

File name:- plugins/preauth/pkinit/pkinit_crypto_openssl.c, line number 1121: the function "ASN1_item_i2d" is called with abuf as one of the arguments.

After this function, abuf is an invalid pointer; this leads to the crash in the same file at line number 1195, free(abuf).

Do assist me with this scenario.

Best Regards,

B.Sasikumar.


From: Greg Hudson <ghudson at MIT.EDU>
Sent: Wed, 22 May 2013 11:42:10 
To: sasikumar bodathula <sasikumar.b at rediffmail.com>
Cc: kerberos <kerberos at mit.edu>
Subject: Re: Crash while freeing data.
On 05/22/2013 02:00 AM, sasikumar bodathula wrote:

>   I was using gdb to get the backtrace of the crash.

Yes, but this does not give the backtrace of the original memory access
violation which caused free() to crash later on.  valgrind, if you can
use it, will tell you this.

> --enable-pkinit=yes and --with-pkinit-crypto-impl=openssl for pkinit do
> i need both these options for pkinit support or if they are removed from
> compile options pkinit still works?

You should not need either option; PKINIT will be built by default.
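The point Greg makes above, that glibc's abort inside free() is only the moment corruption is detected and not the place it happened, is easy to see with a small guarded allocator. The following is an added example written for this thread; it is not code from krb5, PKINIT or OpenSSL, and the names guarded_malloc, guarded_check, guarded_free, GMALLOC and demo_overrun are invented for the illustration. A canary word is placed right after each buffer and the allocation site is recorded in a hidden header, so that when the canary is found damaged at free time the report can at least name the buffer that was overrun, which is what a plain gdb backtrace at free() cannot do.

```c
/* Guarded heap allocator (constructed example): an overrun is silent
 * when it happens and is only noticed later at free(), which is the
 * same limitation the gdb backtrace in the thread shows. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CANARY 0xA5A5A5A5u

/* Hidden header placed in front of the user buffer; the allocation
 * site is recorded so a later report can at least name the buffer. */
typedef struct {
    size_t      size;   /* bytes requested by the caller */
    const char *file;   /* allocation site (__FILE__) */
    int         line;   /* allocation site (__LINE__) */
} guard_hdr;

/* Allocate n bytes with a canary word placed immediately after them. */
static void *guarded_malloc(size_t n, const char *file, int line)
{
    uint32_t canary = CANARY;
    unsigned char *raw = malloc(sizeof(guard_hdr) + n + sizeof canary);
    if (raw == NULL)
        return NULL;
    guard_hdr *h = (guard_hdr *)raw;
    h->size = n;
    h->file = file;
    h->line = line;
    memcpy(raw + sizeof(guard_hdr) + n, &canary, sizeof canary);
    return raw + sizeof(guard_hdr);
}

/* Return 1 if the canary behind p is intact, 0 if it was overwritten. */
static int guarded_check(const void *p)
{
    const unsigned char *raw = (const unsigned char *)p - sizeof(guard_hdr);
    const guard_hdr *h = (const guard_hdr *)raw;
    uint32_t canary;
    memcpy(&canary, raw + sizeof(guard_hdr) + h->size, sizeof canary);
    return canary == CANARY;
}

/* Free p; if the canary is damaged, report the allocation site instead
 * of aborting the way glibc's free() does in the thread's backtrace.
 * Returns 1 on a clean free, 0 if corruption was detected. */
static int guarded_free(void *p)
{
    if (p == NULL)
        return 1;
    unsigned char *raw = (unsigned char *)p - sizeof(guard_hdr);
    const guard_hdr *h = (const guard_hdr *)raw;
    int ok = guarded_check(p);
    if (!ok)
        fprintf(stderr, "heap overrun detected at free(): %zu-byte buffer "
                "allocated at %s:%d\n", h->size, h->file, h->line);
    free(raw);
    return ok;
}

#define GMALLOC(n) guarded_malloc((n), __FILE__, __LINE__)

/* Constructed scenario: request 16 bytes, then write 16 + overrun bytes.
 * overrun must stay <= sizeof(uint32_t) so the write lands in our own
 * canary word and not outside the block. The write itself is silent;
 * only the later free() notices, which is why a backtrace taken at
 * free() points at the wrong place. */
static int demo_overrun(size_t overrun)
{
    size_t want = 16;
    unsigned char *buf = GMALLOC(want);
    if (buf == NULL)
        return -1;
    memset(buf, 'A', want + overrun);   /* the actual bug is here... */
    return guarded_free(buf);           /* ...but is only seen here */
}

int main(void)
{
    printf("clean free:   %d\n", demo_overrun(0));
    printf("overrun free: %d\n", demo_overrun(4));
    return 0;
}
```

Running it prints 1 for the clean case and 0 for the overrun, with a line on stderr naming the allocation site. Tools such as valgrind or AddressSanitizer do the same job on real allocations and, unlike this toy, also record the stack of the offending write, which is why Greg recommends valgrind over a gdb backtrace at free().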
