Bug 134979 - cyrus-sasl causes crashes with ldap
Summary: cyrus-sasl causes crashes with ldap
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: cyrus-sasl
Version: 3.0
Hardware: i386
OS: Linux
medium
high
Target Milestone: ---
Assignee: Nalin Dahyabhai
Duplicates: 135056
Reported: 2004-10-07 17:16 UTC by Benjamin Gordon
Modified: 2014-01-21 22:50 UTC (History)
Doc Type: Bug Fix
Last Closed: 2004-10-07 22:03:25 UTC

External Trackers
Tracker: Red Hat Product Errata
ID: RHSA-2004:546
Priority: high
Status: SHIPPED_LIVE
Summary: Important: cyrus-sasl security update
Last Updated: 2004-10-07 04:00:00 UTC

Description Benjamin Gordon 2004-10-07 17:16:14 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914
Firefox/0.10

Description of problem:
The cyrus-sasl-2.1.15-9 update from today causes crashes in all
authentication processes such as ssh, su, sudo, etc. when pam is
configured to look up user accounts and passwords in ldap.  Replacing
2.1.15-9 with 2.1.15-8 fixes the problem.  All accounts on the
machines are affected, not just accounts stored in ldap.



Version-Release number of selected component (if applicable):
cyrus-sasl-2.1.15-9

How reproducible:
Always

Steps to Reproduce:
1. Upgrade to cyrus-sasl-2.1.15-9
2. Run /bin/su
    

Actual Results:  su crashes with a segmentation fault

Additional info:

We have our ldap set to use tls to talk to the server.  Removing the
ldap lines from /etc/pam.d/system-auth definitely stops the crashes. 
I have not tested if just removing the tls part fixes it.

The top 6 stack frames from a core dump of su are:
#0  0x002b61e1 in _sasl_getcallback () from /usr/lib/libsasl.so.7
#1  0x002baf46 in _sasl_get_mech_list () from /usr/lib/libsasl.so.7
#2  0x002b976d in sasl_client_new () from /usr/lib/libsasl.so.7
#3  0x00e18891 in ldap_int_sasl_init () from /usr/lib/libldap.so.2
#4  0x00e28b1c in ldap_int_initialize () from /usr/lib/libldap.so.2
#5  0x00e29150 in ldap_set_option () from /usr/lib/libldap.so.2
#6  0x0011b79d in ?? () from /lib/security/pam_ldap.so

Following that are about 550 lines similar to #6.  I can post the full
backtrace if needed.

Comment 2 Marc Wallman 2004-10-07 18:43:07 UTC
It breaks /usr/bin/ldapsearch too. Anonymous lookups segfault before
returning any results.

Comment 3 Mark J. Cox 2004-10-07 19:31:12 UTC
Update in progress

Comment 4 Dan Stromberg 2004-10-07 19:35:05 UTC
We had much the same problem, but we aren't using LDAP for anything.

Sendmail, upon being killed and restarted, would segfault until we
downgraded to -8 of the cyrus-sasl package.

Comment 5 Lee Whatley 2004-10-07 19:39:46 UTC
Yeah we are not using ldap here and sendmail crapped on itself after
the cyrus-sasl upgrade.  The queue runner would start, but the actual
daemon would not.  It would just segfault like the previous poster
said.  We also had to downgrade to -8 for sendmail to work again.  It
hasn't affected anything else but sendmail as far as I can tell...

Comment 7 Mark J. Cox 2004-10-07 20:37:09 UTC
Revised packages are currently undergoing QA

Comment 8 Mark J. Cox 2004-10-07 20:47:20 UTC
(Note: this flaw only affects the RHEL 3 cyrus-sasl packages; the RHEL
2.1 packages contained a correct patch.)

Comment 9 Josh Bressers 2004-10-07 22:03:25 UTC
An errata has been issued which should help the problem 
described in this bug report. This report is therefore being 
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, 
please follow the link below. You may reopen this bug report 
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-546.html


Comment 10 Suzanne Hillman 2004-10-12 19:33:59 UTC
*** Bug 135056 has been marked as a duplicate of this bug. ***

