[krbdev.mit.edu #1258] Segmentation Fault at prof_tree.c:502 on Solaris
The RT System itself via RT
rt-comment at krbdev.mit.edu
Thu Nov 14 13:50:49 EST 2002
From Kevin.Dunlap at nominum.com Thu Nov 14 13:50:46 2002
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by krbdev.mit.edu (8.9.3) with ESMTP
id NAA15665; Thu, 14 Nov 2002 13:50:46 -0500 (EST)
Received: from shell.nominum.com (shell.nominum.com [128.177.192.160])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id NAA18938
for <krb5-bugs at mit.edu>; Thu, 14 Nov 2002 13:50:45 -0500 (EST)
Received: from shell.nominum.com (localhost [127.0.0.1])
by shell.nominum.com (Postfix) with ESMTP id 9341B137F06
for <krb5-bugs at mit.edu>; Thu, 14 Nov 2002 10:50:44 -0800 (PST)
To: krb5-bugs at mit.edu
Subject: Segmentation Fault at prof_tree.c:502 on Solaris
Date: Thu, 14 Nov 2002 18:50:44 +0000
From: Kevin Dunlap <Kevin.Dunlap at nominum.com>
Message-Id: <20021114185044.9341B137F06 at shell.nominum.com>
X-send-pr-version: 3.99
>Submitter-Id: net
>Originator: Kevin J Dunlap - Kevin.Dunlap at nominum.com
>Organization:
Nominum, Inc
>Confidential: yes
>Synopsis: Segmentation Fault at prof_tree.c:502 on Solaris
>Severity: serious
>Priority: high
>Category: krb5-libs
>Class: sw-bug
>Release: krb5-1.2.6
>Environment:
System: SunOS keymaster 5.8 Generic_108528-16 sun4m sparc SUNW,SPARCstation-5
Architecture: sun4
>Description:
Using GSS-API on a Solaris machine with Windows 2k as the KDC.
The program seg faults on line 502 of util/profile/prof_tree.c.
The same software configuration compiled on FreeBSD does not seg fault.
>How-To-Repeat:
Script started on Thu 14 Nov 2002 06:01:51 PM UTC
[kevin at keymaster nsupdate]$ klist
klist: No credentials cache file found while setting cache flags (ticket cache /tmp/krb5cc_1001)
[kevin at keymaster nsupdate]$ kinit kevind
Password for kevind at AD.TESTLAB.DUNLAP.ORG:
[kevin at keymaster nsupdate]$ klist
Ticket cache: /tmp/krb5cc_1001
Default principal: kevind at AD.TESTLAB.DUNLAP.ORG
Valid starting Expires Service principal
Thu 14 Nov 2002 06:00:58 PM UTC Fri 15 Nov 2002 04:00:58 AM UTC krbtgt/AD.TESTLAB.DUNLAP.ORG at AD.TESTLAB.DUNLAP.ORG
renew until Thu 21 Nov 2002 06:00:58 PM UTC
[kevin at keymaster nsupdate]$ ./nsupdate -o
> update add kjd.ad.testlab.dunlap.org. 200 in txt "this is a test"
>
Segmentation Fault (core dumped)
[kevin at keymaster nsupdate]$ gdb ./nsupdate ./core
GNU gdb 5.2.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.8"...
Core was generated by `./nsupdate -o'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/local/krb5/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/local/krb5/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libpthread.so.1...done.
Loaded symbols for /usr/lib/libpthread.so.1
Reading symbols from /usr/lib/libthread.so.1...done.
Loaded symbols for /usr/lib/libthread.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/local/krb5/lib/libkrb5.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libkrb5.so.3
Reading symbols from /usr/local/krb5/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libk5crypto.so.3
Reading symbols from /usr/local/krb5/lib/libcom_err.so.3...done.
Loaded symbols for /usr/local/krb5/lib/libcom_err.so.3
Reading symbols from /usr/local/lib/libgcc_s.so.1...done.
Loaded symbols for /usr/local/lib/libgcc_s.so.1
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/lib/libgen.so.1...done.
Loaded symbols for /usr/lib/libgen.so.1
Reading symbols from /usr/lib/libresolv.so.2...done.
Loaded symbols for /usr/lib/libresolv.so.2
#0 0xef4fceb4 in profile_node_iterator (iter_p=0xeeb0eb80, ret_node=0x0,
ret_name=0x0, ret_value=0xeeb0eb7c) at prof_tree.c:502
502 for (p=section->first_child; p; p = p->next)
(gdb) p section
$1 = (struct profile_node *) 0x0
(gdb) p *section
Cannot access memory at address 0x0
(gdb) bt
#0 0xef4fceb4 in profile_node_iterator (iter_p=0xeeb0eb80, ret_node=0x0,
ret_name=0x0, ret_value=0xeeb0eb7c) at prof_tree.c:502
#1 0xef4ff5e8 in profile_get_value (profile=0x131200, names=0xeeb0ec00,
ret_value=0xeeb0ec14) at prof_get.c:196
#2 0xef4ff828 in profile_get_integer (profile=0x131200,
name=0xef505ef8 "libdefaults", subname=0xef505f08 "clockskew",
subsubname=0x0, def_val=300, ret_int=0xeeb0ec8c) at prof_get.c:265
#3 0xef4d88b8 in init_common (context=0xef7984ac, secure=0) at init_ctx.c:144
#4 0xef4d86c0 in krb5_init_context (context=0xef7984ac) at init_ctx.c:70
#5 0xef77d298 in kg_get_context (minor_status=0xeeb0ef44, context=0xeeb0ee44)
at gssapi_krb5.c:185
#6 0xef77a180 in krb5_gss_acquire_cred (minor_status=0xeeb0ef44,
desired_name=0x0, time_req=4294967295, desired_mechs=0x0, cred_usage=1,
output_cred_handle=0xeeb0f438, actual_mechs=0xeeb0ef3c,
time_rec=0xeeb0ef38) at acquire_cred.c:315
#7 0xef78294c in gss_acquire_cred (minor_status=0xeeb0ef44, desired_name=0x0,
time_req=4294967295, desired_mechs=0x0, cred_usage=1,
output_cred_handle=0xeeb0f438, actual_mechs=0xeeb0ef3c,
time_rec=0xeeb0ef38) at krb5_gss_glue.c:70
#8 0x00085d40 in dst_gssapi_acquirecred (name=0x0, initiate=isc_boolean_true,
cred=0xeeb0f438) at gssapictx.c:153
#9 0x00022da8 in start_gssrequest (master=0x0) at nsupdate.c:1884
#10 0x000226dc in recvsoa (task=0x1349b0, event=0x0) at nsupdate.c:1800
#11 0x000ea43c in dispatch (manager=0x134938) at task.c:855
#12 0x000ea524 in run (uap=0x134938) at task.c:998
(gdb) list
497 * Find the section to list if we are a LIST_SECTION,
498 * or find the containing section if not.
499 */
500 section = iter->file->root;
501 for (cpp = iter->names; cpp[iter->done_idx]; cpp++) {
502 for (p=section->first_child; p; p = p->next)
503 if (!strcmp(p->name, *cpp) && !p->value)
504 break;
505 if (!p) {
506 section = 0;
(gdb) quit
[kevin at keymaster nsupdate]$ exit
script done on Thu 14 Nov 2002 06:04:06 PM UTC
--------------
krb5.conf
[libdefaults]
ticket_lifetime=24000
default_realm = AD.TESTLAB.DUNLAP.ORG
default_tgs_enctypes = des-cbc-md5
default_tkt_enctypes = des-cbc-md5
[realms]
AD.TESTLAB.DUNLAP.ORG = {
kdc = faye.ad.testlab.dunlap.org:88
admin_server = faye.ad.testlab.dunlap.org:749
default_domain = ad.testlab.dunlap.org
}
[domain_realm]
.ad.TestLab.Dunlap.org = AD.TESTLAB.DUNLAP.ORG
ad.TestLab.Dunlap.org = AD.TESTLAB.DUNLAP.ORG
[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
kdc_rotate = {
period = 1d
versions = 10
}
[appdefaults]
kinit = {
renewable = true
forwardable= true
}
[pam]
debug=false
ticket_lifetime=36000
renew_lifetime=36000
forwardable=true
krb4_convert=false
>Fix:
diff -c prof_tree.c prof_tree.c-new
*** prof_tree.c Thu Nov 14 16:10:20 2002
--- prof_tree.c-new Thu Nov 14 16:10:07 2002
***************
*** 499,504 ****
--- 499,506 ----
*/
section = iter->file->root;
for (cpp = iter->names; cpp[iter->done_idx]; cpp++) {
+ if (!section)
+ break;
for (p=section->first_child; p; p = p->next)
if (!strcmp(p->name, *cpp) && !p->value)
break;
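Review bot: the added `if (!section) break;` at the top of the `for (cpp = ...)` body guards the dereference but does not say why `section` can be NULL, and it leaves the code after the loop to cope with a NULL `section`, which these lines do not show. The gdb session above prints `section` as 0x0 at line 502; if that is the first pass through the loop, `iter->file->root` was already NULL when it was assigned, and the cleaner fix is to test it once right after `section = iter->file->root;` and return an explicit error or an empty result there, with a comment stating when the root may be NULL. Since the report says the same configuration does not crash on FreeBSD, it is also worth establishing why the root is unset on Solaris, so that this check does not hide a profile that was never loaded.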