
Subject: kdb5_util/kdb5_ldap_util can core when krb5.conf is misconfigured
CC: Mark.Phalan@Sun.COM

With a krb5.conf looking like this:

default_realm = ACME.COM

kdc =
admin_server =

.com = ACME.COM

kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log

I see this:

mit# /usr/local/sbin/kdb5_util dump
zsh: segmentation fault (core dumped) /usr/local/sbin/kdb5_util dump
mit# mdb ./core
Loading modules: [ ]
> $C
08047cdc`strlen+0x30(805975e, 8047d28, 806bf40, 0)
08047d18`fprintf+0x9f(806bf40, 805975c, 0, fee862c4, 0, 96c73a88)
08047d58 extended_com_err_fn+0x3e(0, 96c73a88, 805a2fc, 8047dbc)
08047d88`com_err_va+0xbf(0, 96c73a88, 805a2fc, 8047dbc)
08047da8`com_err+0x23(0, 96c73a88, 805a2fc, 806c7d8, fef20d68, feaf0b38)
08047e3c main+0x3fb(2, 8047e68, 8047e74)
08047e5c _start+0x80(2, 8047f14, 8047f2e, 0, 8047f33, 8047f4f)

The root cause is that "progname" is being used before it is initialized:

from kdb5_util.c:

    retval = kadm5_init_krb5_context(&util_context);
    if (retval) {
        com_err (progname, retval, "while initializing Kerberos code");

    /* initialize_adb_error_table(); */

    progname = (strrchr(argv[0], '/') ? strrchr(argv[0], '/')+1 : argv[0]);

progname should be initialized before it can be used by com_err().

An identical problem exists for krb5_ldap_util. See attached tarball for

This came up in a search; it appears to have been dealt with in #6028
(r20531). I'm not sure which direction to do the ticket merge in.
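
The ordering fix described in the ticket, as an added example that is not part of the original ticket or the krb5 source: progname is derived from argv[0] before any call that can fail, and the error formatter never passes a NULL name to a %s conversion. init_context_stub, derive_progname, format_err and startup are hypothetical names, and the error code 42 is a constructed value.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for kadm5_init_krb5_context(): returns a nonzero
 * code when asked to fail, as it does for the krb5.conf in the ticket. */
static long init_context_stub(int fail) { return fail ? 42L : 0L; }

/* Same basename expression as kdb5_util.c, plus a guard for a missing argv[0]. */
static const char *derive_progname(const char *argv0)
{
    const char *slash;
    if (argv0 == NULL || *argv0 == '\0')
        return "unknown";
    slash = strrchr(argv0, '/');
    return slash ? slash + 1 : argv0;
}

/* Error formatter that never hands a NULL pointer to a %s conversion. */
static int format_err(char *buf, size_t len, const char *whoami,
                      long code, const char *msg)
{
    if (whoami != NULL)
        return snprintf(buf, len, "%s: error %ld %s", whoami, code, msg);
    return snprintf(buf, len, "error %ld %s", code, msg);
}

/* Corrected order: set progname first, then run anything that can fail. */
static int startup(int argc, char **argv, int fail_init, char *err, size_t len)
{
    const char *progname = derive_progname(argc > 0 ? argv[0] : NULL);
    long retval = init_context_stub(fail_init);

    err[0] = '\0';
    if (retval) {
        format_err(err, len, progname, retval,
                   "while initializing Kerberos code");
        return 1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    char err[128];
    int rc = startup(argc, argv, 1, err, sizeof err);   /* force the failure path */
    if (rc)
        fprintf(stderr, "%s\n", err);
    return 0;
}
```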