Dixi quod…
>I was able to strace this:
[…]
>openat(AT_FDCWD, "/etc/__db.sasldb2", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0660)
>= 3
>fcntl64(3, F_GETFD) = 0
>fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
>get_thread_area() = 0xc0501500
>get_thread_area() = 0xc0501500
>get_thread_area() = 0xc0501500
>get_thread_area() = 0xc0501500
>statx(3, "", AT_STATX_SYNC_AS_STAT|AT_NO_AUTOMOUNT|AT_EMPTY_PATH,
>STATX_BASIC_STATS, {stx_mask=STATX_BASIC_STATS|STATX_MNT_ID, stx_attributes=0,
>stx_mode=S_IFREG|0640, stx_size=0, ...}) = 0
>statx(AT_FDCWD, "/etc/__db.sasldb2", AT_STATX_SYNC_AS_STAT|AT_NO_AUTOMOUNT,
>STATX_BASIC_STATS, {stx_mask=STATX_BASIC_STATS|STATX_MNT_ID, stx_attributes=0,
>stx_mode=S_IFREG|0640, stx_size=0, ...}) = 0
>clock_gettime64(CLOCK_REALTIME, {tv_sec=1711315870, tv_nsec=459521594}) = 0
>clock_gettime64(CLOCK_REALTIME, {tv_sec=1711315870, tv_nsec=459846799}) = 0
>writev(2, [{iov_base="*** ", iov_len=4}, {iov_base="stack smashing detected",
>iov_len=23}, {iov_base=" ***: terminated\n", iov_len=17}], 3*** stack smashing
>detected ***: terminated
>) = 44
>mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
>0xc0020000
>get_thread_area() = 0xc0501500
>rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
>get_thread_area() = 0xc0501500
>get_thread_area() = 0xc0501500
>gettid() = 32759
>getpid() = 32759
>tgkill(32759, 32759, SIGABRT) = 0
>--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=32759, si_uid=0} ---
>+++ killed by SIGABRT +++
>Aborted
>
>Best guess here is that the clock_gettime64 overwrote something?
This is possibly in db5.3 then.
(pbuild-31733)root@ara2:/# apt-get install gdb-minimal libdb5.3-dbg
sasl2-bin-dbgsym libsasl2-2-dbgsym libc6-dbg
[…]
(pbuild-31733)root@ara2:/# gdb /usr/sbin/saslpasswd2
[…]
(gdb) run -c 'no:such:user' <exclam
Starting program: /usr/sbin/saslpasswd2 -c 'no:such:user' <exclam
*** stack smashing detected ***: terminated
Program received signal SIGABRT, Aborted.
0xc00d1a88 in ?? ()
(gdb) bt
#0 0xc00d1a88 in ?? ()
#1 0xefffef8c in ?? ()
#2 0x00000000 in ?? ()
Unfortunately, gdb *generally* does not seem to be helpful:
(gdb) b main
Breakpoint 1 at 0x10b8: file ../../utils/saslpasswd.c, line 262.
(gdb) run -c 'no:such:user' <exclam
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /usr/sbin/saslpasswd2 -c 'no:such:user' <exclam
Warning:
Cannot insert breakpoint 1.
Cannot access memory at address 0x10b8
(gdb) bt
#0 0xc00148c8 in ?? ()
#1 0x00000003 in ?? ()
#2 0xeffffa6f in ?? ()
#3 0xeffffa85 in ?? ()
#4 0xeffffa88 in ?? ()
#5 0x00000000 in ?? ()
(gdb) disas main
Dump of assembler code for function main:
0x000010b8 <+0>:
Cannot access memory at address 0x10b8
(gdb) b sasl_setpass
Breakpoint 2 at 0xe60
Warning:
Cannot insert breakpoint 2.
Cannot access memory at address 0xe60
I don’t have much ideas how to go further because the
code paths are really hard to follow.
I also am not sure it’s in db5.3 any more, as libsasl2.so.2
isn’t linked against it…
bye,
//mirabilos
--
<hecker> cool ein Ada Lovelace Google-Doodle. aber zum 197. Geburtstag? Hätten
die nicht noch 3 Jahre warten können? <mirabilos> bis dahin gibts google nicht
mehr <hecker> ja, könnte man meinen. wahrscheinlich ist der angekündigte welt-
untergang aus dem maya-kalender die globale abschaltung von google ☺ und darum
müssen die die doodles vorher noch raushauen
