Re: kpasswdd dumps on OpenBSD6.3

ASV Sun, 05 Aug 2018 02:22:03 -0700

Good morning,
this looks more exhaustive to me. :)

(gdb) r
Starting program: /usr/local/heimdal/libexec/kpasswdd


Program received signal SIGSEGV, Segmentation fault.
0x00001fe263d185d6 in change () from /usr/local/heimdal/lib/libkadm5srv.so.3.0
Current language:  auto; currently minimal
(gdb) bt
#0  0x00001fe263d185d6 in change () from 
/usr/local/heimdal/lib/libkadm5srv.so.3.0
#1  0x00001fe263d1855f in kadm5_s_chpass_principal_cond () from 
/usr/local/heimdal/lib/libkadm5srv.so.3.0
#2  0x00001fe05dc02bfb in change (auth_context=0x1fe261682080, 
admin_principal=0x1fe318614860, version=65408, s=8, sa=0x7f7ffffe0968, 
sa_size=16, in_data=0x7f7ffffe0310) at kpasswdd.c:410
#3  0x00001fe05dc01b89 in process (keytab=0x1fe27c7a0c00, s=8, 
this_addr=0x1fe261684330, sa=0x7f7ffffe0968, sa_size=16, msg=0x7f7ffffe0460 
"\002\200\002\bn\202\002\0040\202\002", len=676)
    at kpasswdd.c:633
#4  0x00001fe05dc017d9 in doit (keytab=0x1fe27c7a0c00, port=53249) at 
kpasswdd.c:767
#5  0x00001fe05dc01073 in main (argc=1, argv=0x7f7ffffe0c08) at kpasswdd.c:906
(gdb) x/i $pc
0x1fe263d185d6 <change+102>:    cmpl   $0x0,0xc8(%r14)
(gdb) i reg
rax            0xb216510a6421fab2       -5614210780399273294
rbx            0x1      1
rcx            0x0      0
rdx            0x1      1
rsi            0x1fe318612740   35060227057472
rdi            0x0      0
rbp            0x7f7ffffe0050   0x7f7ffffe0050
rsp            0x7f7ffffdff40   0x7f7ffffdff40
r8             0x0      0
r9             0x1fe2b9c4c5d0   35058639750608
r10            0x1fe2d5235b30   35059098934064
r11            0x0      0
r12            0x1fe318612740   35060227057472
r13            0x0      0
r14            0x0      0
r15            0x1fe2b9c4c5d0   35058639750608
rip            0x1fe263d185d6   0x1fe263d185d6 <change+102>
eflags         0x10202  66050
cs             0x2b     43
ss             0x23     35
ds             0x23     35
es             0x23     35
fs             0x23     35
gs             0x23     35



On Sat, 2018-08-04 at 15:44 -0400, Viktor Dukhovni wrote:
> > On Aug 4, 2018, at 3:28 PM, ASV <a...@inhio.net> wrote:
> > 
> > I think that I finally got it, did I?
> 
> Still no symbols, but yes, you got the instruction decode.
> 
> > Program received signal SIGSEGV, Segmentation fault.
> > 0x000007fe9c69d5d6 in change () from
> > /usr/local/heimdal/lib/libkadm5srv.so.3.0
> > Current language:  auto; currently minimal
> > (gdb) bt
> > #0  0x000007fe9c69d5d6 in change () from
> > /usr/local/heimdal/lib/libkadm5srv.so.3.0
> > #1  0x000007fe9c69d55f in kadm5_s_chpass_principal_cond () from
> > /usr/local/heimdal/lib/libkadm5srv.so.3.0
> > #2  0x000007fbfc702bfb in ?? () from
> > /usr/local/heimdal/libexec/kpasswdd
> > #3  0x000007fbfc701b89 in ?? () from
> > /usr/local/heimdal/libexec/kpasswdd
> > #4  0x000007fbfc7017d9 in ?? () from
> > /usr/local/heimdal/libexec/kpasswdd
> > #5  0x000007fbfc701073 in ?? () from
> > /usr/local/heimdal/libexec/kpasswdd
> > #6  0x000007fbfc7009a6 in ?? () from
> > /usr/local/heimdal/libexec/kpasswdd
> > #7  0x0000000000000000 in ?? ()
> > (gdb) x/i
> > $pc                                                                
> >                                                  
> > 0x7fe9c69d5d6 <change+102>:     cmpl   $0x0,0xc8(%r14)
> > (gdb) x/40i $pc-102
> > 0x7fe9c69d570 <change>: push   %rbp
> > 0x7fe9c69d571 <change+1>:       mov    %rsp,%rbp
> > 0x7fe9c69d574 <change+4>:       push   %r15
> > 0x7fe9c69d576 <change+6>:       push   %r14
> > 0x7fe9c69d578 <change+8>:       push   %r13
> > 0x7fe9c69d57a <change+10>:      push   %r12
> > 0x7fe9c69d57c <change+12>:      push   %rbx
> > 0x7fe9c69d57d <change+13>:      sub    $0xe8,%rsp
> > 0x7fe9c69d584 <change+20>:      mov    %r9,%r15
> > 0x7fe9c69d587 <change+23>:      mov    %r8,%r13
> > 0x7fe9c69d58a
> > <change+26>:      mov    %ecx,0xffffffffffffff04(%rbp)
> > 0x7fe9c69d590 <change+32>:      mov    %edx,%ebx
> > 0x7fe9c69d592 <change+34>:      mov    %rsi,%r12
> > 0x7fe9c69d595 <change+37>:      mov    %rdi,%r14
> > 0x7fe9c69d598 <change+40>:      mov    2174785(%rip),%rax        #
> > 0x7fe9c8b04e0 <__guard_local>
> > 0x7fe9c69d59f
> > <change+47>:      mov    %rax,0xffffffffffffffd0(%rbp)
> > 0x7fe9c69d5a3 <change+51>:      xorps  %xmm0,%xmm0
> > 0x7fe9c69d5a6 <change+54>:      movaps
> > %xmm0,0xffffffffffffffc0(%rbp)
> > 0x7fe9c69d5aa <change+58>:      movaps
> > %xmm0,0xffffffffffffffb0(%rbp)
> > 0x7fe9c69d5ae <change+62>:      movaps
> > %xmm0,0xffffffffffffffa0(%rbp)
> > 0x7fe9c69d5b2 <change+66>:      movaps
> > %xmm0,0xffffffffffffff90(%rbp)
> > 0x7fe9c69d5b6 <change+70>:      movaps
> > %xmm0,0xffffffffffffff80(%rbp)
> > 0x7fe9c69d5ba <change+74>:      movaps
> > %xmm0,0xffffffffffffff70(%rbp)
> > 0x7fe9c69d5c1 <change+81>:      movaps
> > %xmm0,0xffffffffffffff60(%rbp)
> > 0x7fe9c69d5c8 <change+88>:      movaps
> > %xmm0,0xffffffffffffff50(%rbp)
> > 0x7fe9c69d5cf <change+95>:      movaps
> > %xmm0,0xffffffffffffff40(%rbp)
> > 0x7fe9c69d5d6 <change+102>:     cmpl   $0x0,0xc8(%r14)
> 
> This is confirms the guess, the kadm5 handle is NULL.  We now need
> debugging
> symbols.
>

Re: kpasswdd dumps on OpenBSD6.3

Reply via email to