Description of problem:
When running saslauthd with the kerberos5 method, uninitialized memory can be freed in error situations:

| # MALLOC_CHECK_=1 saslauthd -D -a kerberos5
| ...
| free(): invalid pointer 0xbffff2c8!
| ...

This happens e.g. when no 'host/...' key exists in /etc/krb5.keytab. It was reported upstream a year ago already:
http://www.irbs.net/internet/cyrus-sasl/0304/0097.html

Version-Release number of selected component (if applicable):
cyrus-sasl-2.1.18-2

Additional info:
Diagnosing why authentication fails without a hostkey was very difficult (saslauthd said 'internal error') and only the free() gave me the needed hints. Therefore, this bug should perhaps be kept ;)
Created attachment 100419
Fixes usage of uninitialized memory

It is probably not very portable to initialize 'krb5_data' structures directly. Heimdal has a krb5_data_zero() function but I could not find something similar for MIT krb5. Therefore the direct initialization...
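The failure pattern from this report and the direct-initialization approach described for the attachment, sketched as an added example (it is not the attached patch and not cyrus-sasl code). `struct demo_data`, `demo_build_request`, `demo_free_contents` and `demo_auth` are hypothetical stand-ins, and no Kerberos library is used.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in with the shape of a Kerberos data buffer
 * (length + heap pointer); it is not the real krb5_data type. */
struct demo_data {
    unsigned int length;
    char *data;
};

/* Release the buffer and reset it, so a second call is harmless. */
static void demo_free_contents(struct demo_data *d)
{
    free(d->data);              /* free(NULL) is a defined no-op */
    d->data = NULL;
    d->length = 0;
}

/* Constructed stand-in for a request builder that fails when the host
 * key is missing. On failure it returns without writing to *out. */
static int demo_build_request(int have_host_key, struct demo_data *out)
{
    if (!have_host_key)
        return -1;
    out->data = malloc(16);
    if (out->data == NULL)
        return -1;
    memcpy(out->data, "constructed-req", 16);   /* 15 chars + NUL */
    out->length = 16;
    return 0;
}

/* Hardened caller: the buffer is zeroed at declaration, so the shared
 * cleanup is safe whether or not the builder filled it. With a bare
 * `struct demo_data packet;` the failure path would free() stack garbage. */
int demo_auth(int have_host_key, struct demo_data *leftover)
{
    struct demo_data packet = { 0, NULL };   /* direct initialization */
    int rc = demo_build_request(have_host_key, &packet);
    demo_free_contents(&packet);             /* runs on both paths */
    *leftover = packet;                      /* exposed for checking */
    return rc;
}

int main(void)
{
    struct demo_data after;
    return (demo_auth(0, &after) == -1 && after.data == NULL) ? 0 : 1;
}
```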
New upstream report at http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=5641
Fedora Core 2 is now maintained by the Fedora Legacy project for security updates only. If this problem is a security issue, please reopen and reassign to the Fedora Legacy product. If it is not a security issue and hasn't been resolved in the current FC3 updates or in the FC4 test release, reopen and change the version to match.
Enrico, is this still an issue in FC4?
I cannot reproduce it anymore in FC4, but I cannot remember exactly what I did one year ago. I worked around the bug on my systems, so perhaps that is why I am missing it. As nobody else cared about it, I will close the bug.