
Re: crash: cyrus-imapd -> sasl -> pam -> pam_ldap ->libldap-2.x -> sasl



At 06:32 PM 11/28/00 +0100, Julio Sánchez Fernández wrote:


>"Kurt D. Zeilenga" wrote:
>
>> Besides the quick (rm sasl_set_alloc call) hack you and others
>> have suggested, I would suggest moving SASL's PAM code into
>> pwcheckd.  This would isolate the SASL caller from the SASL
>> password check mechanism.
>
>Oh, yes.  That would help a lot.  But maybe not enough.
>
>What worries me is that, apparently, any program that uses libsasl
>on its own and libldap might trigger this.  Because it might
>end up allocating memory with ber_memalloc and freeing it with
>something else.  Or the other way around.  And that may break.

This is only a problem if there are multiple heaps.  I don't think
this is the problem.

I think the problem is that the hooks are getting unloaded.


>For instance, sasl_decode returns memory allocated by the library
>(presumably using whatever was set by sasl_set_alloc) and the caller
>is responsible for freeing it. So it should know how to do that.
>
>And we are playing dirty tricks behind the caller's back. Seems fragile.
>For instance, sendmail calls both libsasl and libldap.  It may work now
>and start failing at any time.
>
>Julio
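
The concern in this exchange, a block allocated under one set of hooks and released under another after the process-global hooks change, as an added C example that is not part of the original messages and is not libsasl or libldap code. `lib_set_alloc`, `lib_decode`, `lib_free` and the two tagged toy heaps are hypothetical stand-ins, and refusing a hook swap while blocks are outstanding is one possible mitigation assumed here.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical library with process-global allocator hooks (all names invented). */
typedef struct { void *(*alloc)(size_t); void (*release)(void *); } hooks_t;
typedef union { unsigned tag; long double align; } hdr_t; /* owner tag stored before each block */

static int mismatches;   /* releases that arrived at the wrong heap */
static int live_blocks;  /* blocks handed to callers and not yet released */

static void *tagged_alloc(unsigned tag, size_t n) {
    hdr_t *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->tag = tag;
    return h + 1;
}
static void tagged_free(unsigned tag, void *p) {
    hdr_t *h = (hdr_t *)p - 1;
    if (h->tag != tag) mismatches++; /* with truly separate heaps this is the corrupting free */
    free(h);                         /* both toy heaps sit on malloc, so this stays safe here */
}
static void *a_alloc(size_t n) { return tagged_alloc(0xA, n); }
static void a_free(void *p)    { tagged_free(0xA, p); }
static void *b_alloc(size_t n) { return tagged_alloc(0xB, n); }
static void b_free(void *p)    { tagged_free(0xB, p); }

static hooks_t hooks = { a_alloc, a_free };
static int lock_when_live;  /* mitigation switch (assumption of this example) */

int lib_set_alloc(hooks_t h) {
    if (lock_when_live && live_blocks > 0) return -1; /* refuse swap while blocks are outstanding */
    hooks = h;
    return 0;
}
char *lib_decode(const char *in) { /* caller owns the result and must release it */
    char *out = hooks.alloc(strlen(in) + 1);
    if (out) { strcpy(out, in); live_blocks++; }
    return out;
}
void lib_free(void *p) { if (p) { hooks.release(p); live_blocks--; } }

/* First caller decodes, a second component swaps the hooks, first caller frees. */
int run_scenario(int lock) {
    hooks_t a = { a_alloc, a_free }, b = { b_alloc, b_free };
    mismatches = 0; live_blocks = 0; lock_when_live = lock; hooks = a;
    char *buf = lib_decode("constructed sample");
    lib_set_alloc(b);   /* stands in for a second library installing its own allocator */
    lib_free(buf);
    return mismatches;  /* number of blocks released through the wrong hooks */
}

int main(void) { return run_scenario(1); }
```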