[Petter Reinholdtsen]
> If I start a terminal and run kinit there, I can set a password but
> krb5-auth-dialog immediately crashes.  Here is the valgrind output from
> the crash run:

I reran the session after building a non-stripped version.  Here is
the new output.

==11982== Memcheck, a memory error detector
==11982== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==11982== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==11982== Command: build/src/krb5-auth-dialog
==11982== 
==11982== Conditional jump or move depends on uninitialised value(s)
==11982==    at 0x551951E: ??? (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x5505987: ??? (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x54BC133: pixman_image_composite32 (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x5136A1C: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x517AEEB: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x516B554: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x516C03E: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x7F: ???
==11982== 
==11982== Conditional jump or move depends on uninitialised value(s)
==11982==    at 0x551978E: ??? (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x5505987: ??? (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x54BC133: pixman_image_composite32 (in 
/usr/lib/i386-linux-gnu/libpixman-1.so.0.26.0)
==11982==    by 0x5136A1C: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x517AEEB: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x516B554: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x516C03E: ??? (in 
/usr/lib/i386-linux-gnu/libcairo.so.2.11200.2)
==11982==    by 0x51A: ???
==11982== 
==11982== Conditional jump or move depends on uninitialised value(s)
==11982==    at 0x7EEA621: ??? (in /usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==11982==    by 0x7EEB485: rsvg_handle_get_pixbuf_sub (in 
/usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==11982==    by 0x7EEB502: rsvg_handle_get_pixbuf (in 
/usr/lib/i386-linux-gnu/librsvg-2.so.2.36.1)
==11982==    by 0x5BD8ACF: ??? (in 
/usr/lib/i386-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so)
==11982==    by 0x4F652BA: gdk_pixbuf_loader_close (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==11982==    by 0x4F6114C: ??? (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==11982==    by 0x4F62CA6: gdk_pixbuf_new_from_stream_at_scale (in 
/usr/lib/i386-linux-gnu/libgdk_pixbuf-2.0.so.0.2600.1)
==11982==    by 0x42A677D: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==11982==    by 0x42A97E0: gtk_icon_info_load_icon (in 
/usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==11982==    by 0x42A9D14: gtk_icon_info_load_symbolic_for_context (in 
/usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==11982==    by 0x42A45F5: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==11982==    by 0x43624FE: ??? (in /usr/lib/i386-linux-gnu/libgtk-3.so.0.400.2)
==11982== 
** Message: No plugins to load

** (krb5-auth-dialog:11982): WARNING **: Could not initialize NMClient 
/org/freedesktop/NetworkManager: The name org.freedesktop.NetworkManager was 
not provided by any .service files

(krb5-auth-dialog:11982): GLib-GIO-CRITICAL **: GApplication subclass 
'KaApplet' failed to chain up on ::startup (from start of override function)
==11982== Invalid read of size 4
==11982==    at 0x40DCF47: krb5_principal_compare (in 
/usr/lib/i386-linux-gnu/libkrb5.so.26.0.0)
==11982==    by 0x804EBD5: credentials_expiring_real (ka-kerberos.c:224)
==11982==    by 0x53EF20C: ffi_call (in 
/usr/lib/i386-linux-gnu/libffi.so.5.0.10)
==11982==    by 0x47FEC79: g_cclosure_marshal_generic_va (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x47FE120: ??? (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x4817278: g_signal_emit_valist (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x4817CD2: g_signal_emit (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x46DBA70: ??? (in 
/usr/lib/i386-linux-gnu/libgio-2.0.so.0.3200.4)
==11982==    by 0x488818F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488A6D2: g_main_context_dispatch (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488AA6F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488AB50: g_main_context_iteration (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==11982== 
==11982== 
==11982== Process terminating with default action of signal 11 (SIGSEGV)
==11982==  Access not within mapped region at address 0x0
==11982==    at 0x40DCF47: krb5_principal_compare (in 
/usr/lib/i386-linux-gnu/libkrb5.so.26.0.0)
==11982==    by 0x804EBD5: credentials_expiring_real (ka-kerberos.c:224)
==11982==    by 0x53EF20C: ffi_call (in 
/usr/lib/i386-linux-gnu/libffi.so.5.0.10)
==11982==    by 0x47FEC79: g_cclosure_marshal_generic_va (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x47FE120: ??? (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x4817278: g_signal_emit_valist (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x4817CD2: g_signal_emit (in 
/usr/lib/i386-linux-gnu/libgobject-2.0.so.0.3200.4)
==11982==    by 0x46DBA70: ??? (in 
/usr/lib/i386-linux-gnu/libgio-2.0.so.0.3200.4)
==11982==    by 0x488818F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488A6D2: g_main_context_dispatch (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488AA6F: ??? (in /lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==    by 0x488AB50: g_main_context_iteration (in 
/lib/i386-linux-gnu/libglib-2.0.so.0.3200.4)
==11982==  If you believe this happened as a result of a stack
==11982==  overflow in your program's main thread (unlikely but
==11982==  possible), you can try to increase the size of the
==11982==  main thread stack using the --main-stacksize= flag.
==11982==  The main thread stack size used in this run was 8388608.
DEBUG: ka_applet_set_property: principal: 
DEBUG: ka_applet_set_property: pk-userid: 
DEBUG: ka_applet_set_property: pk-anchors: 
DEBUG: ka_applet_set_property: pw-prompt-mins: 30
DEBUG: ka_applet_set_property: tgt-forwardable: False
DEBUG: ka_applet_set_property: tgt-proxiable: False
DEBUG: ka_applet_set_property: tgt-renewable: False
DEBUG: ka_applet_set_property: principal: pere
DEBUG: ka_applet_set_property: pw-prompt-mins: 30
DEBUG: ka_applet_set_property: pk-userid: 
DEBUG: ka_applet_set_property: pk-anchors: 
DEBUG: ka_applet_set_property: tgt-forwardable: False
DEBUG: ka_applet_set_property: tgt-renewable: False
DEBUG: ka_applet_set_property: tgt-proxiable: False
DEBUG: ka_applet_local_command_line: Parsing local command line
DEBUG: ka_applet_startup: Primary application
DEBUG: ka_nm_client_state_changed_cb: Network state: 0
DEBUG: monitor_ccache: Monitoring /tmp/krb5cc_1000
DEBUG: ka_applet_command_line: Evaluating command line
DEBUG: credentials_expiring: Checking expiry <1800s
DEBUG: credentials_expiring: Expiry @ 0
DEBUG: ccache_changed_cb: /tmp/krb5cc_1000 changed
DEBUG: credentials_expiring: Checking expiry <1800s
==11982== 
==11982== HEAP SUMMARY:
==11982==     in use at exit: 1,620,512 bytes in 23,147 blocks
==11982==   total heap usage: 83,986 allocs, 60,839 frees, 6,257,436 bytes 
allocated
==11982== 
==11982== LEAK SUMMARY:
==11982==    definitely lost: 1,792 bytes in 6 blocks
==11982==    indirectly lost: 6,460 bytes in 320 blocks
==11982==      possibly lost: 1,033,559 bytes in 14,308 blocks
==11982==    still reachable: 578,701 bytes in 8,513 blocks
==11982==         suppressed: 0 bytes in 0 blocks
==11982== Rerun with --leak-check=full to see details of leaked memory
==11982== 
==11982== For counts of detected and suppressed errors, rerun with: -v
==11982== Use --track-origins=yes to see where uninitialised values come from
==11982== ERROR SUMMARY: 11 errors from 4 contexts (suppressed: 177 from 12)

> Can you change krb5-auth-dialog to use the same algorithm as kinit
> to figure out the realm, to get it working also for hosts without a
> domain part in their name?

This would be the best fix.

> Can you fix the crash?

I looked at the source, and the crash is caused by kprincipal being NULL.

This patch solves the crash by making sure not to try to compare and
free a null pointer:

diff -ru krb5-auth-dialog-3.2.1/src/ka-kerberos.c 
krb5-auth-dialog-3.2.1-pere/src/ka-kerberos.c
--- krb5-auth-dialog-3.2.1/src/ka-kerberos.c    2011-09-26 22:09:21.000000000 
+0200
+++ krb5-auth-dialog-3.2.1-pere/src/ka-kerberos.c       2013-07-03 
10:50:39.000000000 +0200
@@ -221,8 +221,10 @@
     }
 
     /* copy principal from cache if any */
-    if (krb5_principal_compare (kcontext, my_creds.client, kprincipal)) {
-        krb5_free_principal (kcontext, kprincipal);
+    if (NULL == kprincipal ||
+        krb5_principal_compare (kcontext, my_creds.client, kprincipal)) {
+        if (NULL != kprincipal)
+            krb5_free_principal (kcontext, kprincipal);
         krb5_copy_principal (kcontext, my_creds.client, &kprincipal);
     }
     creds_expiry = my_creds.times.endtime;
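Review bot: the `NULL == kprincipal ||` guard in this hunk (ka-kerberos.c:224, the frame valgrind reports) does stop the NULL dereference inside krb5_principal_compare, but it treats the symptom only: kprincipal is NULL because the realm could not be determined, as the rest of this thread discusses, so the underlying condition still reaches this code path and is now silently turned into "copy the cached principal". The return value of krb5_copy_principal is ignored both before and after the change; if that copy fails, kprincipal stays NULL and the next credentials_expiring_real call quietly takes the same branch instead of surfacing an error, so checking it (and logging via the existing DEBUG path) would make the failure visible. The nested `if (NULL != kprincipal)` is needed because of the short-circuit, but the intent reads more clearly split into `if (kprincipal == NULL) { krb5_copy_principal (...); } else if (krb5_principal_compare (...)) { free; copy }`, which also matches the `ptr == NULL` ordering used elsewhere rather than introducing `NULL == ptr`.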

I hope you can find a way to solve the inability to find the realm,
and can get a fix into Wheezy. :)

-- 
Happy hacking
Petter Reinholdtsen

