Bug 106354
Summary: | segfault when id is run with ldap authentication | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 3 | Reporter: | Oliver Sontag <sontag> |
Component: | nss_ldap | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | David Lawrence <dkl> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 3.0 | CC: | baublys, jakub, marc.schmitt, nalin, riek, twaugh |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 207-4 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-03-23 06:19:03 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Oliver Sontag
2003-10-06 13:51:24 UTC
This also leads to a nscd crash. A strace shows the crash short time after loading of /lib64/libnss_dns.so.2 All on Opteron uniprocessor with Beta2 Please fetch and install this RPM: ftp://people.redhat.com/twaugh/tmp/coreutils-debuginfo-4.5.3-26.i386.rpm Then run this: gdb --args id username with username as before, and at the (gdb) prompt type 'run' and enter. When it crashes, type 'bt' and enter and we should be able to see where it crashed. Could you please attach the output? Thanks. (gdb) run Starting program: /usr/bin/id riek (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...[Thread debugging using libthread_db enabled] [New Thread 182894208672 (LWP 4781)] (no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 182894208672 (LWP 4781)] 0x0000002a978b1730 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 (gdb) bt #0 0x0000002a978b1730 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #1 0x0000002a9789fee3 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #2 0x0000002a9789c255 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #3 0x0000002a978a3191 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #4 0x0000002a9789bdda in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #5 0x0000002a978a2e89 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #6 0x0000002a978a0fe1 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #7 0x0000002a978a1836 in _nss_ldap_sasl_interact () from /lib64/libnss_ldap.so.2 #8 0x0000002a97894dce in _nss_ldap_init () from /lib64/libnss_ldap.so.2 #9 0x0000002a97894aa0 in _nss_ldap_init () from /lib64/libnss_ldap.so.2 #10 0x0000002a978959e0 in _nss_ldap_search_s () from /lib64/libnss_ldap.so.2 #11 0x0000002a97895ec3 in _nss_ldap_getbyname () from /lib64/libnss_ldap.so.2 #12 0x0000002a97896b3e in _nss_ldap_getpwnam_r () from /lib64/libnss_ldap.so.2 #13 0x0000002a95712ef7 in getpwnam_r@@GLIBC_2.2.5 () from /lib64/tls/libc.so.6 #14 0x0000002a957129af in getpwnam () from /lib64/tls/libc.so.6 #15 0x000000000040159c in ?? () #16 0x0000002a95688101 in __libc_start_main () from /lib64/tls/libc.so.6 #17 0x000000000040112a in ?? () (gdb) Jakub, are there known problems in this area? The backtrace would need nss_ldap-debuginfo installed to be useful. I don't know if there are any known bugs in nss_ldap, Nalin might... backtrace with nss_ldap-debuginfo installed #0 0x0000002a978b1b22 in sasl_client_new () from /lib64/libnss_ldap.so.2 #1 0x0000002a978a0163 in ldap_int_sasl_open () from /lib64/libnss_ldap.so.2 #2 0x0000002a9789c4d5 in ldap_int_open_connection () from /lib64/libnss_ldap.so.2 #3 0x0000002a978a3411 in ldap_new_connection () from /lib64/libnss_ldap.so.2 #4 0x0000002a9789c05a in ldap_open_defconn () from /lib64/libnss_ldap.so.2 #5 0x0000002a978a3109 in ldap_send_initial_request () from /lib64/libnss_ldap.so.2 #6 0x0000002a978a1261 in ldap_sasl_bind () from /lib64/libnss_ldap.so.2 #7 0x0000002a978a1ab6 in ldap_simple_bind () from /lib64/libnss_ldap.so.2 #8 0x0000002a9789500e in do_bind (ld=0x5090c0, timelimit=2, dn=0x0, pw=0xbf0 <Address 0xbf0 out of bounds>, with_sasl=3025) at ldap-nss.c:1410 #9 0x0000002a97894ce0 in do_open () at ldap-nss.c:1241 #10 0x0000002a97895c20 in _nss_ldap_search_s (args=0x7fbffff970, filterprot=0x2a97b5e300 "(&(objectclass=posixAccount)(uid=%s))", sel=LM_PASSWD, sizelimit=1, res=0x7fbffff908) at ldap-nss.c:2275 #11 0x0000002a97896103 in _nss_ldap_getbyname (args=0x7fbffff970, result=0x2a958a8620, buffer=0x505540 "otrs", buflen=1024, errnop=0x2a95582660, filterprot=0x2a97b5e300 "(&(objectclass=posixAccount)(uid=%s))", sel=LM_PASSWD, parser=0x2a97896a80 <_nss_ldap_parse_pw>) at ldap-nss.c:2625 #12 0x0000002a97896d7e in _nss_ldap_getpwnam_r ( name=0x11121 <Address 0x11121 out of bounds>, result=0x2, buffer=0xbf0 <Address 0xbf0 out of bounds>, buflen=3056, errnop=0xbd1) at ldap-pwd.c:190 #13 0x0000002a95712ef7 in getpwnam_r@@GLIBC_2.2.5 () from /lib64/tls/libc.so.6 #14 0x0000002a957129af in getpwnam () from /lib64/tls/libc.so.6 #15 0x000000000040159c in ?? () #16 0x0000002a95688101 in __libc_start_main () from /lib64/tls/libc.so.6 #17 0x000000000040112a in ?? () Ok. This is getting uglier: PPC seems to have the same problem. #8 0x0000002a9789500e in do_bind (ld=0x5090c0, timelimit=2, dn=0x0, pw=0xbf0 <Address 0xbf0 out of bounds>, with_sasl=3025) at ldap-nss.c:1410 This looks like pw (a pointer) got returned from a function whose declaration wasn't available and so it got converted to int, or something along those lines. Reassigning. This should be fixed in 207-4 and later. *** Bug 133063 has been marked as a duplicate of this bug. *** |