(ITS#6099) SIGSEGV heimdal+ldap during kadmin -l init

Full_Name: Dewayne Geraghty
Version: 2.4.16
OS: FreeBSD-7.2R
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

Fresh build of OS, ports from heimdal, openldap-2.4.16, cyrus-sasl-2.1.22_2.
During
kadmin -l init --realm-max-ticket-life=unlimited --realm-max-renewable-life=unlimited HS2
a segmentation fault is raised.

gdb /usr/local/sbin/kadmin
run  -l init --realm-max-ticket-life=unlimited
--realm-max-renewable-life=unlimited HS2
#0  0x285693c6 in memmove () from /lib/libc.so.7
#1  0x28235c0d in ber_write (ber=0x2860b340, buf=0x51 <Error reading address
0x51: Bad address>, len=81, nosos=0)
    at io.c:116
#2  0x28234525 in ber_put_ostring (ber=0x2860b340, str=0x51 <Error reading
address 0x51: Bad address>, len=81,
    tag=4) at encode.c:357
#3  0x28234625 in ber_put_berval (ber=0x2860b340, bv=0x2860711c, tag=4294967295)
at encode.c:382
#4  0x28235729 in ber_printf (ber=0x2860b340, fmt=0x281c99de "V]N}") at
#5  0x2819a074 in ldap_add_ext (ld=0x2863d100,
    dn=0x28618180 "krb5PrincipalName=krbtgt/HS2@HS2,ou=Users,dc=heuristicsystems,dc=com,dc=au",
    sctrls=0x0, cctrls=0x0, msgidp=0xbfbfe6bc) at add.c:170
#6  0x2819a2b0 in ldap_add_ext_s (ld=0x2863d100,
    dn=0x28618180 "krb5PrincipalName=krbtgt/HS2@HS2,ou=Users,dc=heuristicsystems,dc=com,dc=au",
    sctrls=0x0, cctrls=0x0) at add.c:229
#7  0x2819a36b in ldap_add_s (ld=0x2863d100,
    dn=0x28618180 "krb5PrincipalName=krbtgt/HS2@HS2,ou=Users,dc=heuristicsystems,dc=com,dc=au",
    at add.c:243
#8  0x280b028f in LDAP_store (context=0x286010b0, db=0x2860a040, flags=0,
entry=0xbfbfe770) at hdb-ldap.c:1580
#9  0x2809a8f0 in kadm5_s_create_principal (server_handle=0x2861a0c0,
princ=0xbfbfea1c, mask=17,
    password=0xbfbfe810 "Vbc2zAiigq") at create_s.c:182
#10 0x2808eac9 in kadm5_create_principal (server_handle=0x2861a0c0,
princ=0xbfbfea1c, mask=17,
    password=0xbfbfe810 "Vbc2zAiigq") at common_glue.c:64
(gdb) x 0x2860711c
0x2860711c:     0x00000051

This is reproducible with/without overlays (except for smbk5pwd overlay); built
and tested afresh on two machines, using make -pipe -O0 -g3.

Note: to build smbk5pwd on FreeBSD, needed to change the smbk5pwd Makefile:
#HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
HEIMDAL_LIB=-L/usr/local/lib -lkrb5 -lkadm5srv

The ldap database is built using one group entry (ou=Users,dc=..). Have used
ldap for 3 years, kerberos for 4 months.