
Re: Odd krb5_free_cred_contents problem (Heimdal 1.0.2, Solaris 9)



On Sun, 24 Feb 2008 12:37:33 -0000
"Markus Moeller" <huaraz@moeller.plus.com> wrote:

> Russ,
> 
> I think you need to set the whole structure to 0 after calloc.
> 
> memset(*creds, 0, sizeof(krb5_creds));
> 
> otherwise pointers like creds->client, creds->server could be undefined and 
> then used in free calls later on in krb5_free_creds_contents (e.g. 
> krb5_free_principal(context, creds->client);

No, calloc zeros the memory. That's the difference between calloc and
malloc. Calloc zeros out the allocated memory whereas malloc does not.

Mike

> "Russ Allbery" <rra@stanford.edu> wrote in message 
> news:877igvo4d2.fsf@windlord.stanford.edu...
> > Alf ran into an odd problem with my pam-krb5 module built statically with
> > Heimdal 1.0.2 on Solaris 9 with the Sun Studio C version 11 compiler.
> >
> > pam-krb5, when authentication failed, was dying with:
> >
> > 23484:      Incurred fault #5, FLTACCESS  %pc = 0x001E1668
> > 23484:        siginfo: SIGBUS BUS_ADRALN addr=0xAACA6001
> > 23484:      Received signal #10, SIGBUS [default]
> > 23484:        siginfo: SIGBUS BUS_ADRALN addr=0xAACA6001
> >
> > Inside the module, it does:
> >
> > int
> > pamk5_password_auth(struct pam_args *args, const char *service,
> >                    krb5_creds **creds)
> > {
> > /* ... */
> >    *creds = calloc(1, sizeof(krb5_creds));
> > /* ... */
> >            retval = krb5_get_init_creds_password(ctx->context, *creds,
> >                          ctx->princ, pass, pamk5_prompter_krb5, args, 0,
> >                          (char *) service, opts);
> >            success = (retval == 0) ? PAM_SUCCESS : PAM_AUTH_ERR;
> > /* ... */
> >        if (*creds != NULL) {
> >            krb5_free_cred_contents(ctx->context, *creds);
> >            free(*creds);
> >            *creds = NULL;
> >        }
> >
> > The krb5_free_cred_contents here appears to be the culprit, even though
> > the structure is initialized all-zeros.  If I apply this patch, the crash
> > goes away:

-- 
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
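
The calloc versus malloc point discussed in this thread, as an added example that is not part of any message above and is not pam-krb5 or Heimdal code. `struct demo_creds`, `live_pointers`, `demo_free_contents`, `alloc_zeroed` and `alloc_poisoned` are hypothetical stand-ins, and the 0xAA fill is a constructed substitute for the indeterminate contents of a fresh malloc block.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for krb5_creds; only pointer members matter here. */
struct demo_creds {
    char *client, *server;
    void *ticket_data;
};

/* Count the members a free-contents routine would hand to free(). */
int live_pointers(const struct demo_creds *c)
{
    return (c->client != NULL) + (c->server != NULL) + (c->ticket_data != NULL);
}

/* Release every member, then re-zero so a repeated call cannot double free. */
int demo_free_contents(struct demo_creds *c)
{
    int freed = live_pointers(c);
    free(c->client);            /* free(NULL) is a no-op */
    free(c->server);
    free(c->ticket_data);
    memset(c, 0, sizeof(*c));
    return freed;
}

/* calloc: all bits zero, which is NULL for pointers on mainstream ABIs. */
struct demo_creds *alloc_zeroed(void) { return calloc(1, sizeof(struct demo_creds)); }

/* malloc leaves contents indeterminate; the 0xAA fill makes that repeatable. */
struct demo_creds *alloc_poisoned(void)
{
    struct demo_creds *c = malloc(sizeof(*c));
    if (c != NULL)
        memset(c, 0xAA, sizeof(*c));
    return c;
}

int main(void)
{
    struct demo_creds *z = alloc_zeroed(), *p = alloc_poisoned();
    if (z == NULL || p == NULL) return 1;
    printf("pointers free() would see: calloc=%d poisoned=%d\n",
           live_pointers(z), live_pointers(p));
    demo_free_contents(z);      /* safe: every member is NULL */
    free(z);
    free(p);                    /* p's members must never reach free() */
    return 0;
}
```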