Package: libpam-unix2 Version: 1.25-1 Severity: important
Until now, we had a problem: all applications using PAM for authentication, like sshd, wdm and su, did crash with a segmentation every time that a user did type a wrong password. This happened on amd64 machines with Debian "sarge" 3.1 (libc 2.3.2) and the latest pam_unix2 1.30 (and also with version 1.25). Note that it also happens on i386, but the consequence is just a warning message. Gdb did show that the crash happened because of the free() at unix_auth.c:89 (_cleanup_message). It seems to free memory that was previously allocated with 'alloca'. Is this right? Reading the man-page, I have the impression that memory allocated with alloca is on the stack and not on the heap and that therefore shouldn't be freed. I did comment out that line, and now everything is fine. No more segmentation faults... I did send the above bug-report already upstream on the 2006-01-30 (without an answer yet). Cheers David -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.15.1-ia32-isg-ee-sm-pxe-smp-1 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages libpam-unix2 depends on: ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libxcrypt1 2.2-1 Crypt library for DES, MD5, and bl -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
