subject:"Re\: Fwd\: OpenBSD 6.6 snapsot and samba's net utility"

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-03 Thread Sebastien Marie

On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> Bugged net utility from samba package/
> ktrace is attached

PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file too).

in case you don't figure, you send to everyone a trace of all syscalls with
arguments and return of what the program did, including:

- file description and content for any opened file (hello
  /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
- all network communication with the program (hello ldap, kerberos and smb
  services)

It means that any secrets in readed file or sent/received on the network should
be considered compromised.

Just don't do that.

Thanks.
-- 
Sebastien Marie

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-03 Thread dmitry.sensei

Thanks. But the problem with the net utility still exists

пт, 4 окт. 2019 г. в 11:37, Sebastien Marie :

> On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > Bugged net utility from samba package/
> > ktrace is attached
>
> PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file
> too).
>
> in case you don't figure, you send to everyone a trace of all syscalls with
> arguments and return of what the program did, including:
>
> - file description and content for any opened file (hello
>   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> - all network communication with the program (hello ldap, kerberos and smb
>   services)
>
> It means that any secrets in readed file or sent/received on the network
> should
> be considered compromised.
>
> Just don't do that.
>
> Thanks.
> --
> Sebastien Marie
>


-- 
Dmitry Orlov

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-04 Thread Stuart Henderson

On 2019/10/04 08:32, Sebastien Marie wrote:
> On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > Bugged net utility from samba package/
> > ktrace is attached
> 
> PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file too).
> 
> in case you don't figure, you send to everyone a trace of all syscalls with
> arguments and return of what the program did, including:
> 
> - file description and content for any opened file (hello
>   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> - all network communication with the program (hello ldap, kerberos and smb
>   services)
> 
> It means that any secrets in readed file or sent/received on the network 
> should
> be considered compromised.
> 
> Just don't do that.
> 
> Thanks.
> -- 
> Sebastien Marie
> 

Plus, it's not really useful anyway. A backtrace would be the normal
starting point for a segfault. (In case "gdb" in base doesn't work,
pkg_add gdb and use "egdb" instead).

egdb `which net` net.core
bt full

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-04 Thread dmitry.sensei

How to debug net with parameters&

пт, 4 окт. 2019 г. в 13:49, Stuart Henderson :

> On 2019/10/04 08:32, Sebastien Marie wrote:
> > On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > > Bugged net utility from samba package/
> > > ktrace is attached
> >
> > PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file
> too).
> >
> > in case you don't figure, you send to everyone a trace of all syscalls
> with
> > arguments and return of what the program did, including:
> >
> > - file description and content for any opened file (hello
> >   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> > - all network communication with the program (hello ldap, kerberos and
> smb
> >   services)
> >
> > It means that any secrets in readed file or sent/received on the network
> should
> > be considered compromised.
> >
> > Just don't do that.
> >
> > Thanks.
> > --
> > Sebastien Marie
> >
>
> Plus, it's not really useful anyway. A backtrace would be the normal
> starting point for a segfault. (In case "gdb" in base doesn't work,
> pkg_add gdb and use "egdb" instead).
>
> egdb `which net` net.core
> bt full
>
>

-- 
Dmitry Orlov

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-04 Thread Stuart Henderson

On 2019/10/04 14:25, dmitry.sensei wrote:
> How to debug net with parameters&
> 
> пт, 4 окт. 2019 г. в 13:49, Stuart Henderson :
> 
> On 2019/10/04 08:32, Sebastien Marie wrote:
> > On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > > Bugged net utility from samba package/
> > > ktrace is attached
> >
> > PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file 
> too).
> >
> > in case you don't figure, you send to everyone a trace of all syscalls 
> with
> > arguments and return of what the program did, including:
> >
> > - file description and content for any opened file (hello
> >   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> > - all network communication with the program (hello ldap, kerberos and 
> smb
> >   services)
> >
> > It means that any secrets in readed file or sent/received on the 
> network should
> > be considered compromised.
> >
> > Just don't do that.
> >
> > Thanks.
> > --
> > Sebastien Marie
> >
> 
> Plus, it's not really useful anyway. A backtrace would be the normal
> starting point for a segfault. (In case "gdb" in base doesn't work,
> pkg_add gdb and use "egdb" instead).
> 
> egdb `which net` net.core
> bt full
> 
> 
> 
> 
> --
> Dmitry Orlov

The command I showed is to look at the coredump from your previous crash which
already happened with parameters.

If you need to run it "live" in gdb then omit "net.core" from the command line
and use "set args " and "run".

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-04 Thread dmitry.sensei

ORLOV-NB# egdb /usr/local/bin/net
GNU gdb (GDB) 7.12.1
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-openbsd6.6".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/bin/net...(*no debugging symbols found*
)...done.
(gdb) set args ads testjoin
(gdb) run
Starting program: /usr/local/bin/net ads testjoin
*net(20104) in free(): bogus pointer (double free?) 0x*

Program received signal SIGABRT, Aborted.
thrkill () at -:3
3   -: No such file or directory.
(gdb)

пт, 4 окт. 2019 г. в 14:31, Stuart Henderson :

> On 2019/10/04 14:25, dmitry.sensei wrote:
> > How to debug net with parameters&
> >
> > пт, 4 окт. 2019 г. в 13:49, Stuart Henderson :
> >
> > On 2019/10/04 08:32, Sebastien Marie wrote:
> > > On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > > > Bugged net utility from samba package/
> > > > ktrace is attached
> > >
> > > PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core
> file too).
> > >
> > > in case you don't figure, you send to everyone a trace of all
> syscalls with
> > > arguments and return of what the program did, including:
> > >
> > > - file description and content for any opened file (hello
> > >   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> > > - all network communication with the program (hello ldap, kerberos
> and smb
> > >   services)
> > >
> > > It means that any secrets in readed file or sent/received on the
> network should
> > > be considered compromised.
> > >
> > > Just don't do that.
> > >
> > > Thanks.
> > > --
> > > Sebastien Marie
> > >
> >
> > Plus, it's not really useful anyway. A backtrace would be the normal
> > starting point for a segfault. (In case "gdb" in base doesn't work,
> > pkg_add gdb and use "egdb" instead).
> >
> > egdb `which net` net.core
> > bt full
> >
> >
> >
> >
> > --
> > Dmitry Orlov
>
> The command I showed is to look at the coredump from your previous crash
> which
> already happened with parameters.
>
> If you need to run it "live" in gdb then omit "net.core" from the command
> line
> and use "set args " and "run".
>
>

-- 
Dmitry Orlov

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

2019-10-04 Thread Stuart Henderson

[trimmed CC list - please don't copy both misc@ and ports@]

Like I mentioned in my first mail:

bt full



On 2019/10/04 14:48, dmitry.sensei wrote:
> ORLOV-NB# egdb /usr/local/bin/net
> GNU gdb (GDB) 7.12.1
> Copyright (C) 2017 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-openbsd6.6".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> .
> Find the GDB manual and other documentation resources online at:
> .
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from /usr/local/bin/net...(no debugging symbols found)...done.
> (gdb) set args ads testjoin
> (gdb) run
> Starting program: /usr/local/bin/net ads testjoin
> net(20104) in free(): bogus pointer (double free?) 0x
> 
> Program received signal SIGABRT, Aborted.
> thrkill () at -:3
> 3       -: No such file or directory.
> (gdb)
> 
> пт, 4 окт. 2019 г. в 14:31, Stuart Henderson :
> 
> On 2019/10/04 14:25, dmitry.sensei wrote:
> > How to debug net with parameters&
> >
> > пт, 4 окт. 2019 г. в 13:49, Stuart Henderson :
> >
> >     On 2019/10/04 08:32, Sebastien Marie wrote:
> >     > On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> >     > > Bugged net utility from samba package/
> >     > > ktrace is attached
> >     >
> >     > PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for 
> core file too).
> >     >
> >     > in case you don't figure, you send to everyone a trace of all 
> syscalls with
> >     > arguments and return of what the program did, including:
> >     >
> >     > - file description and content for any opened file (hello
> >     >   /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> >     > - all network communication with the program (hello ldap, 
> kerberos and smb
> >     >   services)
> >     >
> >     > It means that any secrets in readed file or sent/received on the 
> network should
> >     > be considered compromised.
> >     >
> >     > Just don't do that.
> >     >
> >     > Thanks.
> >     > --
> >     > Sebastien Marie
> >     >
> >
> >     Plus, it's not really useful anyway. A backtrace would be the normal
> >     starting point for a segfault. (In case "gdb" in base doesn't work,
> >     pkg_add gdb and use "egdb" instead).
> >
> >     egdb `which net` net.core
> >     bt full
> >
> >
> >
> >
> > --
> > Dmitry Orlov
> 
> The command I showed is to look at the coredump from your previous crash 
> which
> already happened with parameters.
> 
> If you need to run it "live" in gdb then omit "net.core" from the command 
> line
> and use "set args " and "run".
> 
> 
> 
> 
> --
> Dmitry Orlov

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

Re: Fwd: OpenBSD 6.6 snapsot and samba's net utility

7 matches

Site Navigation

Mail list logo

Footer information