Public bug reported:

Description of the problem:
Samba crashes if libtalloc2 is not installed when a share is accessed by a 
non-Linux system.

Steps to reproduce:
1. Install KUbuntu 14.04.
2. Get a root terminal up and type
apt-get update
apt-get install samba
3. Add the following to end of /etc/samba/smb.conf :
[tmp]
   path = /tmp
   browseable = yes
   read only = no
   guest ok = yes
4. Run
service smbd reload
5. Connect to the share using something other than Linux (e.g. Windows 7 
Explorer, Windows 2012 Explorer, OS X 10.9.5 Finder).

Expected result:
Contents of /tmp to be displayed.

Actual result:
The client hangs because the samba server has core dumped.

How reproducible is the issue:
It is reproducible every time.

Additional information:
Connecting to the share using Linux (e.g. using smbclient or Nautilus on 
another system) always works without issue.

Looking in /var/log/samba/cores shows a core with the following backtrace:
#0  0x00007ff3d014ccc9 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1  0x00007ff3d01500d8 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2  0x00007ff3d187d64b in dump_core ()
   from /usr/lib/x86_64-linux-gnu/libsmbconf.so.0
#3  0x00007ff3d2bed287 in smb_panic_s3 ()
   from /usr/lib/x86_64-linux-gnu/samba/libsmbregistry.so.0
#4  0x00007ff3d39648df in smb_panic ()
   from /usr/lib/x86_64-linux-gnu/libsamba-util.so.0
#5  0x00007ff3d06ebb5f in _talloc_zero ()
   from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
#6  0x00007ff3d06f27b3 in talloc_set_memlimit ()
   from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
#7  0x0000000000000000 in ?? ()

Looking in /var/log/samba/log.* shows the following:
[2016/07/21 11:31:48.763178,  0] ../source3/lib/popt_common.c:68(popt_s3_talloc_log_fn)
  talloc: access after free error - first free may be at ../source3/smbd/open.c:3715
[2016/07/21 11:31:48.763218,  0] ../source3/lib/popt_common.c:68(popt_s3_talloc_log_fn)
  Bad talloc magic value - access after free
[2016/07/21 11:31:48.763222,  0] ../source3/lib/util.c:789(smb_panic_s3)
  PANIC (pid 5987): Bad talloc magic value - access after free
[2016/07/21 11:31:48.763833,  0] ../source3/lib/util.c:900(log_stack_trace)
  BACKTRACE: 29 stack frames:
   #0 /usr/lib/x86_64-linux-gnu/samba/libsmbregistry.so.0(log_stack_trace+0x1a) [0x7ff3d2bed14a]
   #1 /usr/lib/x86_64-linux-gnu/samba/libsmbregistry.so.0(smb_panic_s3+0x20) [0x7ff3d2bed220]
   #2 /usr/lib/x86_64-linux-gnu/libsamba-util.so.0(smb_panic+0x2f) [0x7ff3d39648df]
   #3 /usr/lib/x86_64-linux-gnu/libtalloc.so.2(+0x1b5f) [0x7ff3d06ebb5f]
   #4 /usr/lib/x86_64-linux-gnu/libtalloc.so.2(_talloc_steal_loc+0xab) [0x7ff3d06f277b]
   #5 /usr/lib/x86_64-linux-gnu/libtalloc.so.2(_talloc_move+0x13) [0x7ff3d06f27b3]
   #6 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0x18a9d8) [0x7ff3d35a59d8]
   #7 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(get_share_mode_lock+0x17e) [0x7ff3d35a660e]
   #8 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0xfbbfe) [0x7ff3d3516bfe]
   #9 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0x10020c) [0x7ff3d351b20c]
   #10 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(create_file_default+0x1cf) [0x7ff3d351c69f]
   #11 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0x1d8cce) [0x7ff3d35f3cce]
   #12 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smb_vfs_call_create_file+0xd8) [0x7ff3d3522ed8]
   #13 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smbd_smb2_request_process_create+0x1a24) [0x7ff3d3551994]
   #14 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smbd_smb2_request_dispatch+0xc4d) [0x7ff3d354943d]
   #15 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(+0x12f0c2) [0x7ff3d354a0c2]
   #16 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7ff3d1885a2c]
   #17 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x25c80) [0x7ff3d1885c80]
   #18 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7ff3d04ded5d]
   #19 /usr/lib/x86_64-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x1b) [0x7ff3d04deefb]
   #20 /usr/lib/x86_64-linux-gnu/samba/libsmbd-base.so.0(smbd_process+0x6c9) [0x7ff3d35385b9]
   #21 smbd(+0x96b6) [0x7ff3d3ffe6b6]
   #22 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7ff3d1885a2c]
   #23 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x25c80) [0x7ff3d1885c80]
   #24 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7ff3d04ded5d]
   #25 /usr/lib/x86_64-linux-gnu/libtevent.so.0(tevent_common_loop_wait+0x1b) [0x7ff3d04deefb]
   #26 smbd(main+0x15b4) [0x7ff3d3ffc6c4]
   #27 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7ff3d0137ec5]
   #28 smbd(+0x7a96) [0x7ff3d3ffca96]
[2016/07/21 11:31:48.763882,  0] ../source3/lib/util.c:801(smb_panic_s3)
  smb_panic(): calling panic action [/usr/share/samba/panic-action 5987]
[2016/07/21 11:31:48.766436,  0] ../source3/lib/util.c:809(smb_panic_s3)
  smb_panic(): action returned status 0
[2016/07/21 11:31:48.766470,  0] ../source3/lib/dumpcore.c:318(dump_core)
  dumping core in /var/log/samba/cores/smbd

Running
apt-get install libtalloc2
service smbd restart

resolves the problem.

Version information:
Ubuntu 14.04.3 LTS
libsmbclient 2:4.3.9+dfsg-0ubuntu0.14.04.3 
libwbclient0 2:4.1.6+dfsg-1ubuntu2.14.04.8 
python-samba 2:4.3.9+dfsg-0ubuntu0.14.04.3 
samba 2:4.3.9+dfsg-0ubuntu0.14.04.3  install ok installed
samba-common 2:4.3.9+dfsg-0ubuntu0.14.04.3 
samba-common-bin 2:4.3.9+dfsg-0ubuntu0.14.04.3 
samba-dsdb-modules 2:4.3.9+dfsg-0ubuntu0.14.04.3 
samba-libs 2:4.3.9+dfsg-0ubuntu0.14.04.3 
samba-vfs-modules 2:4.3.9+dfsg-0ubuntu0.14.04.3 
smbclient 2:4.3.9+dfsg-0ubuntu0.14.04.3

** Affects: samba (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1605209

Title:
  Missing libtalloc2 dependency

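
Added example (not part of the original report and not Samba code): a small Python parser for the smbd log layout quoted in the report, which extracts each PANIC record together with the talloc "first free" location logged before it and whether a core dump was logged after it. The function names and the SAMPLE_LOG string are assumptions made for this illustration; the sample records are copied from the log above.

```python
import re

# Records copied from the smbd log quoted in the report (unwrapped).
SAMPLE_LOG = """\
[2016/07/21 11:31:48.763178,  0] ../source3/lib/popt_common.c:68(popt_s3_talloc_log_fn)
  talloc: access after free error - first free may be at ../source3/smbd/open.c:3715
[2016/07/21 11:31:48.763222,  0] ../source3/lib/util.c:789(smb_panic_s3)
  PANIC (pid 5987): Bad talloc magic value - access after free
[2016/07/21 11:31:48.766470,  0] ../source3/lib/dumpcore.c:318(dump_core)
  dumping core in /var/log/samba/cores/smbd
"""

HEADER = re.compile(r"^\[(?P<ts>[\d/]+ [\d:.]+),\s*(?P<level>\d+)\]\s+"
                    r"(?P<loc>\S+)\((?P<func>\w+)\)\s*$")
PANIC = re.compile(r"PANIC \(pid (?P<pid>\d+)\): (?P<reason>.+)")
FIRST_FREE = re.compile(r"first free may be at (?P<where>\S+)")

def records(text):
    """Group each header line with the message lines that follow it."""
    current = None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            if current:
                yield current
            current = {**m.groupdict(), "msg": []}
        elif current is not None and line.strip():
            current["msg"].append(line.strip())
    if current:
        yield current

def find_panics(text):
    """Return one dict per PANIC record with its talloc free-site hint."""
    panics, hint = [], None
    for rec in records(text):
        body = " ".join(rec["msg"])
        if (m := FIRST_FREE.search(body)):
            hint = m["where"]          # remembered until the next PANIC
        if (m := PANIC.search(body)):
            panics.append({"ts": rec["ts"], "pid": int(m["pid"]),
                           "reason": m["reason"], "first_free": hint,
                           "core_dumped": False})
            hint = None
        elif rec["func"] == "dump_core" and panics:
            panics[-1]["core_dumped"] = True
    return panics

if __name__ == "__main__":
    for p in find_panics(SAMPLE_LOG):
        print(p)
```

The parser expects the on-disk layout, where each bracketed header and its source location sit on one line; mail-wrapped copies of a log need to be unwrapped first.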