Bug 157530

Summary: rpc.svcgssd segfaults when it receives a large token
Product: [Fedora] Fedora Reporter: Michael Young <m.a.young>
Component: nfs-utilsAssignee: Steve Dickson <steved>
Status: CLOSED CURRENTRELEASE QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: FC5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-09-21 22:19:44 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Description Flags
Patch to increase a buffer size and avoid the problem none

Description Michael Young 2005-05-12 08:16:32 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050509 Fedora/1.0.3-5 Firefox/1.0.3

Description of problem:
I am testing nfsv4 with sec=krb5 where the kerberos server is Active Directory. It seems that the AP-REQ ticket is too big for rpc.svcgssd process (1196 bytes I think) which reports the errors
May 10 12:57:14 xxx rpc.svcgssd[1919]: WARNING: gss_accept_sec_context failed
May 10 12:57:14 xxx rpc.svcgssd[1919]: ERROR: GSS-API: error in handle_nullreq: gss_accept_sec_context(): A token was invalid - Token header is malformed or corrupt
then crashes. If I increase the size of the token buffer (see the patch I will attach) then nfsv4 starts working, but rpc.svcgssd shouldn't crash if it gets tokens it doesn't like.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Send a big AP-REQ token to rpc.svcgssd

Additional info:
Comment 1 Michael Young 2005-05-12 08:18:43 EDT
Created attachment 114288 [details]
Patch to increase a buffer size and avoid the problem
Comment 2 Steve Dickson 2005-05-19 08:42:37 EDT
thanks for the patch!

The should be fixed in nfs-utils-1.0.7-7 
Comment 3 Bill Nottingham 2006-09-21 22:19:44 EDT
Closing bugs in MODIFIED state from prior Fedora releases. If this bug persists
in a current Fedora release (such as Fedora Core 5 or later), please reopen and
set the version appropriately.