Hi all
I can reproduce the problem when I run saslauthd with authmech shadow:
saslauthd -a shadow
and then try to authenticate users that have a crippled /etc/shadow
entry. By crippled I mean ! or * as password entry, as for root, mail,
nobody.
When I run the 2.1.25 stock source with debugging symbols in gdb with
"-a shadow -n 1 -d -m /var/run/saslauthd/mux" as param, I get:
Program received signal SIGSEGV, Segmentation fault.
0xb7e6e6f1 in ?? () from /lib/i386-linux-gnu/libc.so.6
(gdb) where
#0 0xb7e6e6f1 in ?? () from /lib/i386-linux-gnu/libc.so.6
#1 0xb7e6e326 in strdup () from /lib/i386-linux-gnu/libc.so.6
#2 0x0804b910 in auth_shadow (login=0xbffff098 "root",
password=0xbffff199 "dfsdf", service=0xbffff29a "ldap",
realm=0xbffff39b "") at auth_shadow.c:188
#3 0x0804ed3f in do_auth (_login=_login@entry=0xbffff098 "root",
password=password@entry=0xbffff199 "dfsdf",
service=service@entry=0xbffff29a "ldap", realm=realm@entry=0xbffff39b "")
at saslauthd-main.c:410
#4 0x0804dd17 in do_request (conn_fd=conn_fd@entry=9) at ipc_unix.c:426
#5 0x0804e547 in ipc_loop () at ipc_unix.c:277
#6 0x080499c1 in main (argc=8, argv=0xbffff5e4) at saslauthd-main.c:369
Offending line is:
cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
where crypt() returns NULL for the crippled shadow entries. Proposed
patch:
char *encpwd = crypt(password, sp->sp_pwdp);
if (encpwd == NULL) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "DEBUG: auth_shadow: crypt returned NULL");
}
RETURN("NO");
}
cpw = strdup((const char *)encpwd);
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1187001
Title:
saslauthd[26791]: segfault at 0 ip b71de6f1 sp bfcd2d9c error 4 in
libc-2.17.so[b7160000+1ad000]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1187001/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
