1.6beta2 kpasswd core dump

Andreas Hasenack ahasenack at terra.com.br
Thu Jan 4 10:59:25 EST 2007 

I'm getting a core dump after using kpasswd to change a principal's
password with krb5 1.6beta2 (database in openldap).

My tree layout is like this:
dc=example,dc=com
  ou=People,dc=example,dc=com
    uid=jsmith,ou=People,dc=example,dc=com
  ou=Kerberos Realms,dc=example,dc=com
    cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=K/M at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=krbtgt/EXAMPLE.COM at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=kadmin/admin at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=kadmin/changepw at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=kadmin/history at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=kadmin/pandora.local at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com
      krbPrincipalName=user at EXAMPLE.COM,cn=EXAMPLE.COM,ou=Kerberos Realms,dc=example,dc=com

Below I ran "kpasswd user". Even though it segfaulted, the password was changed in the end.
(gdb) bt full
#0  0xb7db4ee9 in free () from /lib/i686/libc.so.6
No symbol table info available.
#1  0xb7f4ecc9 in krb5_free_data_contents (context=0x804b058, val=0x804b85c) at kfree.c:237
No locals.
#2  0xb7f692f4 in kpasswd_sendto_msg_cleanup (callback_context=0xbfab8424, message=0x804b85c) at changepw.c:96
        ctx = (struct sendto_callback_context *) 0xbfab8424
#3  0xb7f71d18 in krb5int_sendto (context=0x804b058, message=0x0, addrs=0xbfab838c, callback_info=0xbfab8418, reply=0xbfab845c,
    localaddr=0x0, localaddrlen=0x0, remoteaddr=0xbfab8398, remoteaddrlen=0xbfab8448, addr_used=0x0) at sendto_kdc.c:1251
        i = 1
        pass = 0
        delay_this_pass = 2
        retval = 0
        conns = (struct conn_state *) 0x804ee70
        callback_data = (krb5_data *) 0x804b850
        n_conns = 2
        host = 0
        sel_state = (struct select_state *) 0x804f328
        now = {tv_sec = 1167926076, tv_usec = 373589}
        winning_conn = 0
        e = 1
        udpbuf = 0x804f650 ""
#4  0xb7f69744 in krb5_change_set_password (context=0x804b058, creds=0xbfab8910, newpw=0xbfab8510 "secret", set_password_for=0x0,
    result_code=0xbfab8508, result_code_string=0xbfab84fc, result_string=0xbfab84f0) at changepw.c:239
        chpw_rep = {magic = 0, length = 238, data = 0x804f650 ""}
        remote_kaddr = {magic = 665684, addrtype = -1209093604, length = 3086520508, contents = 0xb7fa3ce0 ""}
        useTcp = 0
        addrlen = 16
        code = 0
        code_string = 0xb7ef0298 "krb5_change_set_password"
        local_result_code = 0
        callback_ctx = {context = 0x804b058, auth_context = 0x804c780, set_password_for = 0x0, newpw = 0xbfab8510 "secret", ap_req = {
    magic = -1760647422, length = 438, data = 0x804c8b0 "n\202\0010\202\001\003\002\001\005\003\002\001\016\a\003\005"}}
        callback_info = {pfn_callback = 0xb7f692fa <kpasswd_sendto_msg_callback>, pfn_cleanup = 0xb7f692c8 <kpasswd_sendto_msg_cleanup>,
  context = 0xbfab8424}
        remote_addr = {ss_family = 2, __ss_align = 2969698314,
  __ss_padding = "\000\000\000\000\000\000\000\000D\204X\204\207<P\204\230\002�000\000\000\000\001\000\000\000\000\000\000\000��000D\032۷o��004\b�217�000\000\000\000\200\204�s\205\004\b\000\000\000\000P0\2044�bP�217���004\bH\204\034�}
        al = {addrs = 0x804b810, naddrs = 2, space = 2}
#5  0xb7f699c1 in krb5_change_password (context=0x804b058, creds=0xbfab8910, newpw=0xbfab8510 "secret", result_code=0xbfab8508,
    result_code_string=0xbfab84fc, result_string=0xbfab84f0) at changepw.c:336
No locals.
#6  0x08048f0d in main (argc=2, argv=0xbfab8a44) at kpasswd.c:128
        ret = 0
        context = 0x804b058
        princ = 0x804b7a0
        pname = 0xbfaba1e8 "user"
        ccache = 0xb7e78ff4
        opts = {flags = 271, tkt_life = 300, renew_life = 0, forwardable = 0, proxiable = 0, etype_list = 0xbfaba19c,
  etype_list_length = 134515248, address_list = 0xb7e78ff4, preauth_list = 0x804a42c, preauth_list_length = -1079277160, salt = 0x8048859}
        creds = {magic = 0, client = 0x804ebc8, server = 0x804edf8, keyblock = {magic = -1760647421, enctype = 16, length = 24,
    contents = 0x804ef78 "�224�m�\001�vs��025\2147,"}, times = {authtime = 1167926074, starttime = 1167926074,
    endtime = 1167926372, renew_till = 0}, is_skey = 0, ticket_flags = 6291456, addresses = 0x0, ticket = {magic = -1760647422,
    length = 251,
    data = 0x804f228 "a\2010\201�003\002\001\005\r\033\vEXAMPLE.COM\0350\033\003\002\001\001\0240\022\033\006kadmin\033\bchangepw\2010\201\003\002\001\020\003\002\001\001\201\004\201s\215Sn�L,v�bp�\214I\027\201¹�005/\224LF9�.�177�ȯE\204\234W\002�k\001\034C\231H\201\230�\230z\v�002\017\005V\020ѲRsUá\035\027-$\214N \017�b�jC\aN\033\024�234�\023�9\206\212\036'\215\025�031W\225\216�...}, second_ticket = {magic = 0, length = 0, data = 0x0}, authdata = 0x0}
        pw = "secret", '\0' <repeats 1017 times>
        pwlen = 6
        result_code = -1208440032
        result_code_string = {magic = 0, length = 3086525608, data = 0xb7f8a7e0 ""}
        result_string = {magic = -1208336396, length = 3215690188, data = 0xb7f8e42d "\215e�^_]�213\203,"}

More information about the krbdev mailing list