--------------ms050304040807030706080402 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: en-US
Created an issue upstream [1] and included the valgrind output and propos= ed patch. [1] https://github.com/cyrusimap/cyrus-sasl/issues/587 =C2=A0=C2=A0=C2=A0 -Stephan On 11/28/19 4:16 PM, Howard Chu wrote: > 5ddfddde do_bind: dn () SASL mech <garbage> > 5ddfddde =3D=3D> sasl_bind: dn=3D"" mech=3D<garbage> > datalen=3D0 > =3D=3D11019=3D=3D Thread 3: > =3D=3D11019=3D=3D Invalid write of size 1 > =3D=3D11019=3D=3D at 0x4B9B1DB: sasl_seterror (seterror.c:247) > =3D=3D11019=3D=3D by 0x4B9A18D: sasl_server_start (server.c:1418) > =3D=3D11019=3D=3D by 0x26B88B: slap_sasl_bind (sasl.c:1666) > =3D=3D11019=3D=3D by 0x21E130: fe_op_bind (bind.c:279) > =3D=3D11019=3D=3D by 0x21DCE1: do_bind (bind.c:205) > =3D=3D11019=3D=3D by 0x1F35BA: connection_operation (connection.c:11= 85) > =3D=3D11019=3D=3D by 0x1F3CE7: connection_read_thread (connection.c:= 1342) > =3D=3D11019=3D=3D by 0x35DFF9: ldap_int_thread_pool_wrapper (tpool.c= :1048) > =3D=3D11019=3D=3D by 0x4DBE668: start_thread (pthread_create.c:479) > =3D=3D11019=3D=3D by 0x4EFA322: clone (clone.S:95) > =3D=3D11019=3D=3D Address 0x62032a8 is 0 bytes after a block of size 6= 00 alloc'd > =3D=3D11019=3D=3D at 0x483CFAF: realloc (in /usr/lib/x86_64-linux-gn= u/valgrind/vgpreload_memcheck-amd64-linux.so) > =3D=3D11019=3D=3D by 0x4B930A4: _buf_alloc (common.c:2186) > =3D=3D11019=3D=3D by 0x4B93299: _sasl_add_string (common.c:196) > =3D=3D11019=3D=3D by 0x4B9B2D4: sasl_seterror (seterror.c:187) > =3D=3D11019=3D=3D by 0x4B9A18D: sasl_server_start (server.c:1418) > =3D=3D11019=3D=3D by 0x26B88B: slap_sasl_bind (sasl.c:1666) > =3D=3D11019=3D=3D by 0x21E130: fe_op_bind (bind.c:279) > =3D=3D11019=3D=3D by 0x21DCE1: do_bind (bind.c:205) > =3D=3D11019=3D=3D by 0x1F35BA: connection_operation (connection.c:11= 85) > =3D=3D11019=3D=3D by 0x1F3CE7: connection_read_thread (connection.c:= 1342) > =3D=3D11019=3D=3D by 0x35DFF9: ldap_int_thread_pool_wrapper (tpool.c= :1048) > =3D=3D11019=3D=3D by 0x4DBE668: start_thread (pthread_create.c:479) > =3D=3D11019=3D=3D > =3D=3D11019=3D=3D Invalid read of size 1 > =3D=3D11019=3D=3D at 0x483DF54: strlen (in /usr/lib/x86_64-linux-gnu= /valgrind/vgpreload_memcheck-amd64-linux.so) > =3D=3D11019=3D=3D by 0x4E53DE4: __vfprintf_internal (vfprintf-intern= al.c:1688) > =3D=3D11019=3D=3D by 0x4E67029: __vsnprintf_internal (vsnprintf.c:11= 4) > =3D=3D11019=3D=3D by 0x3A1FFA: lutil_debug (debug.c:74) > =3D=3D11019=3D=3D by 0x266FF3: slap_sasl_log (sasl.c:146) > =3D=3D11019=3D=3D by 0x4B9B4CF: sasl_seterror (seterror.c:260) > =3D=3D11019=3D=3D by 0x4B9A18D: sasl_server_start (server.c:1418) > =3D=3D11019=3D=3D by 0x26B88B: slap_sasl_bind (sasl.c:1666) > =3D=3D11019=3D=3D by 0x21E130: fe_op_bind (bind.c:279) > =3D=3D11019=3D=3D by 0x21DCE1: do_bind (bind.c:205) > =3D=3D11019=3D=3D by 0x1F35BA: connection_operation (connection.c:11= 85) > =3D=3D11019=3D=3D by 0x1F3CE7: connection_read_thread (connection.c:= 1342) > =3D=3D11019=3D=3D Address 0x62032a8 is 0 bytes after a block of size 6= 00 alloc'd > =3D=3D11019=3D=3D at 0x483CFAF: realloc (in /usr/lib/x86_64-linux-gn= u/valgrind/vgpreload_memcheck-amd64-linux.so) > =3D=3D11019=3D=3D by 0x4B930A4: _buf_alloc (common.c:2186) > =3D=3D11019=3D=3D by 0x4B93299: _sasl_add_string (common.c:196) > =3D=3D11019=3D=3D by 0x4B9B2D4: sasl_seterror (seterror.c:187) > =3D=3D11019=3D=3D by 0x4B9A18D: sasl_server_start (server.c:1418) > =3D=3D11019=3D=3D by 0x26B88B: slap_sasl_bind (sasl.c:1666) > =3D=3D11019=3D=3D by 0x21E130: fe_op_bind (bind.c:279) > =3D=3D11019=3D=3D by 0x21DCE1: do_bind (bind.c:205) > =3D=3D11019=3D=3D by 0x1F35BA: connection_operation (connection.c:11= 85) > =3D=3D11019=3D=3D by 0x1F3CE7: connection_read_thread (connection.c:= 1342) > =3D=3D11019=3D=3D by 0x35DFF9: ldap_int_thread_pool_wrapper (tpool.c= :1048) > =3D=3D11019=3D=3D by 0x4DBE668: start_thread (pthread_create.c:479) --------------ms050304040807030706080402 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC C5owggVLMIIEM6ADAgECAhBcqlOYsUipXhgfVtj/CAUVMA0GCSqGSIb3DQEBCwUAMIGCMQsw CQYDVQQGEwJJVDEPMA0GA1UECAwGTWlsYW5vMQ8wDQYDVQQHDAZNaWxhbm8xIzAhBgNVBAoM GkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENsaWVudCBB dXRoZW50aWNhdGlvbiBDQSBHMTAeFw0xOTA1MjQwODA3MTdaFw0yMDA1MjQwODA3MTdaMBwx GjAYBgNVBAMMEXN0ZXBoYW5Ac3JsYWJzLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAmniYbaUHSdjBF3/m+2PVN14GEGxOSwHtd8WxH9mUXKEIW4XuImwNz8AoGfFOHc4D A1Tc/an6lONwAeBgj541N7aKSTxRphKnrJrpJarbUR2FM7u7Km7btUTBT9mm6OmympB+vWKa GkjQo2Gr3GRSfVDNLP/n70H8uthbgwPLuBfBt/dLHFrvYBpPtnH2EQqKc1SELSUPAuo9zaO/ ohwPb7Sss3vMOOtePGL0lcHjWCbdsstZ/DUzek9MQ6F+PkGYee3JSzvyXvrADheqUPHtYPd2 LPu6hZKbAGjoqRYHVbwITZIzu7QWB4YEXFCdMT6XIde5lvA0zR7hhb63HKUVewIDAQABo4IC IDCCAhwwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR+YPz4bKc9Pdeuk6F5Ao+zdCk79TBL BggrBgEFBQcBAQQ/MD0wOwYIKwYBBQUHMAKGL2h0dHA6Ly9jYWNlcnQuYWN0YWxpcy5pdC9j ZXJ0cy9hY3RhbGlzLWF1dGNsaWcxMBwGA1UdEQQVMBOBEXN0ZXBoYW5Ac3JsYWJzLmRlMEcG A1UdIARAMD4wPAYGK4EfARgBMDIwMAYIKwYBBQUHAgEWJGh0dHBzOi8vd3d3LmFjdGFsaXMu aXQvYXJlYS1kb3dubG9hZDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwgegGA1Ud HwSB4DCB3TCBm6CBmKCBlYaBkmxkYXA6Ly9sZGFwMDUuYWN0YWxpcy5pdC9jbiUzZEFjdGFs aXMlMjBDbGllbnQlMjBBdXRoZW50aWNhdGlvbiUyMENBJTIwRzEsbyUzZEFjdGFsaXMlMjBT LnAuQS4vMDMzNTg1MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7Ymlu YXJ5MD2gO6A5hjdodHRwOi8vY3JsMDUuYWN0YWxpcy5pdC9SZXBvc2l0b3J5L0FVVEhDTC1H MS9nZXRMYXN0Q1JMMB0GA1UdDgQWBBSM25yar8W0HyQ52pQLvwam2PQI1zAOBgNVHQ8BAf8E BAMCBaAwDQYJKoZIhvcNAQELBQADggEBADvK449WtB/GFtNr0TNrTnaNbtSuPz5poGt7nyUb neGYazzxvjBPI0a0A+h/++rHcAuYrCNP+/M0PWU3Jv4IDf6YwHGRQdXN4f9xhCtmBnFtfQ22 9anlEBvLZv5uEQSzZ6qhvZkqnq9WQ/ofb9q2GGwPfKa+QM4T8QFv5ZmogdXriH3gf4gJ1fbW 7Ig33y+xYXr8W4lQ3haAShGzV/FleypHafb/3ptGWNq3+diGKPxNpyU1BMq904OPAEBMCa5i 8+8kYsT8ug+t2uSqboWrutgr/y4bYxBrY56cdfgnLBqoHPEBkg8ONHMgiULphoOelPbOjHD0 by5aiDvNToIkdX4wggZHMIIEL6ADAgECAggs1IrTsR4PiTANBgkqhkiG9w0BAQsFADBrMQsw CQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAz MzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0aW9uIFJvb3QgQ0EwHhcN MTUwNTE0MDcxNDE1WhcNMzAwNTE0MDcxNDE1WjCBgjELMAkGA1UEBhMCSVQxDzANBgNVBAgM Bk1pbGFubzEPMA0GA1UEBwwGTWlsYW5vMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 ODUyMDk2NzEsMCoGA1UEAwwjQWN0YWxpcyBDbGllbnQgQXV0aGVudGljYXRpb24gQ0EgRzEw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA/MGJVtmI4vQEZb/NCTWrKCkw/gzK 9yerHBHuhj1d5PVsRLYMVzOVl96Iio0tqduTKpPHJ1dn6TGhL3TvWpaxnrNL6nFKpcuz5FO+ d0RpbHmF0dlwo1YbOHLkWI7gZm8aUUicUSJpj504SmONa9J5em9wOmdjDoz0Be4ejgmGMLc/ 84r//lAVefO1NriJTrpGku145OAK2JELBk0rHwQV6qp9Oli98Rvgf3UTuf5jrWObR3YTx8nb AZNpJLCNzydMjYCle6OhzO6RvaQerBoY/erlS551ZydFlzrldSEr9norfYq+tC40/fYX/kzG S8QOcmlSee32IwTG8TOffXMNAgMBAAGjggHVMIIB0TBBBggrBgEFBQcBAQQ1MDMwMQYIKwYB BQUHMAGGJWh0dHA6Ly9vY3NwMDUuYWN0YWxpcy5pdC9WQS9BVVRILVJPT1QwHQYDVR0OBBYE FH5g/Phspz09166ToXkCj7N0KTv1MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiI OsifeGbtifN7OHCUyQICNtAwRQYDVR0gBD4wPDA6BgRVHSAAMDIwMAYIKwYBBQUHAgEWJGh0 dHBzOi8vd3d3LmFjdGFsaXMuaXQvYXJlYS1kb3dubG9hZDCB4wYDVR0fBIHbMIHYMIGWoIGT oIGQhoGNbGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2NuJTNkQWN0YWxpcyUyMEF1dGhlbnRp Y2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3RhbGlzJTIwUy5wLkEuJTJmMDMzNTg1MjA5Njcs YyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7YmluYXJ5MD2gO6A5hjdodHRwOi8v Y3JsMDUuYWN0YWxpcy5pdC9SZXBvc2l0b3J5L0FVVEgtUk9PVC9nZXRMYXN0Q1JMMA4GA1Ud DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEATZPO1SS+QRtKFlhzX2WJ8tl6PliMvMvE D+VbFmeywUukM/JJ/Myad3PcXTpLnWW3AN75uVPByl3NSXczZqUofds6vznmS71Gvq553Jr4 cZBRPQ6GoOjYrYIAT2cFx8A3GJ+N9PxfMKgLdy1/27HeiDVa4TxZNwtkqAIy41EGYm170LhS DTDeJeo/Orwq5FGhs0qp10+OTcSIr5AD4QUIKRrXE4uH/tw8ZMkw21rX/S7mguJdo4Ad4Au3 +ep5naRn6WLMryhO/iKflq8h/d6Vregvq+vClNxrtNnFNf3R7zTl1lA3ipFU909usGVa02jM ftJ0t4utyg3yXYRc7rX3QYAlh3KdNzYToTKstUZwMpRf3VWYJJGuoSmlntbTlNtZEuLr7A+M DOZOrZdKYp9qOruO5MqCSTDsUUkHKLFrQ11Jmix1BvdWQuobwQ5g5qZkuof6/u5rT66WDsU6 +IVt5nthH15E7zU7wULW4uC62XIYPb4YuOBCey+d4Oxs0BZ+SivL6qoDG9XNfk9JpCnaknnY BogfUw3WLb+B5FI/zdNEysWTC4gzMOFfEoVC+myk1zX29xOvLOO3A/jGrRY1LhhY9LhT72Zb 5TQKCeyDH18yIk1st+V/mpJvnePcAYeeMr+onM9rf3AVNctcHrjwXfDVB/1Ht5l5NEl8JBj9 8lQxggP2MIID8gIBATCBlzCBgjELMAkGA1UEBhMCSVQxDzANBgNVBAgMBk1pbGFubzEPMA0G A1UEBwwGTWlsYW5vMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEsMCoG A1UEAwwjQWN0YWxpcyBDbGllbnQgQXV0aGVudGljYXRpb24gQ0EgRzECEFyqU5ixSKleGB9W 2P8IBRUwDQYJYIZIAWUDBAIBBQCgggIvMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJ KoZIhvcNAQkFMQ8XDTE5MTEyODE1MzkyM1owLwYJKoZIhvcNAQkEMSIEILb+contXMUwSpoY +bjTpOSSD1JRO5NsTR8vITqUHRb3MGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsG CWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAw BwYFKw4DAgcwDQYIKoZIhvcNAwICASgwgagGCSsGAQQBgjcQBDGBmjCBlzCBgjELMAkGA1UE BhMCSVQxDzANBgNVBAgMBk1pbGFubzEPMA0GA1UEBwwGTWlsYW5vMSMwIQYDVQQKDBpBY3Rh bGlzIFMucC5BLi8wMzM1ODUyMDk2NzEsMCoGA1UEAwwjQWN0YWxpcyBDbGllbnQgQXV0aGVu dGljYXRpb24gQ0EgRzECEFyqU5ixSKleGB9W2P8IBRUwgaoGCyqGSIb3DQEJEAILMYGaoIGX MIGCMQswCQYDVQQGEwJJVDEPMA0GA1UECAwGTWlsYW5vMQ8wDQYDVQQHDAZNaWxhbm8xIzAh BgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3MSwwKgYDVQQDDCNBY3RhbGlzIENs aWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMQIQXKpTmLFIqV4YH1bY/wgFFTANBgkqhkiG9w0B AQEFAASCAQAjwtYcwMK6NjmGAw3mFwZ4wvD5eQPXdnRQM2NYYUHmd+VgkhX9PB5wLwg3ZphB KYhlweOqcRkcUUkD/uYR5+UpDN0DHRmSYCYwGyP2rdQ5xWkZ50BAj7wch5D9dFWAafUTMYl0 Zkvoloxv1fslTaEUdMZfxhLa4enf3Jt8IQUaVArKTcwrrLnrOAh4zfT4oKqVMyyMpz5r0mum l8u3HNDYpMUZV0v0UEB/nCodv5o3NucL1cJph7snGCYX55OeYX6OvkwV0uOwDHiCwLKxN4BY T3h4HXNRf4tXPLNngnByOznQ11xRvYIANBehYr45Q+3S5O6vW+MORqqI8x0sRHCaAAAAAAAA --------------ms050304040807030706080402--
