Matthew Wesley
2008-Sep-03 16:03 UTC
[Dovecot] Dovecot 1.1.3 Kerberos5 GSSAPI bug (with patch)
The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line
103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the
declaration for getenv(). Otherwise, the compiler uses the implicit return type
(int), which truncates the 8-byte pointer getenv() returns to a 4-byte value.
This causes a segfault on subsequent reads. Here is debugger output
illustrating the problem:
(gdb) list 106
101 const char *path;
102
103 path = getenv("KRB5_KTNAME");
104 if (path != NULL) {
105 #ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
106 gsskrb5_register_acceptor_identity(path);
107 #elif defined (HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
108 krb5_gss_register_acceptor_identity(path);
109 #endif
110 }
(gdb) p/x getenv("KRB5_KTNAME")
$32 = 0xb0d7aef7
(gdb) x/s 0xb0d7aef7
0xb0d7aef7: <Address 0xb0d7aef7 out of bounds>
(gdb) x/s 0x7fffb0d7aef7
0x7fffb0d7aef7: "/etc/dovecot/dovecot.keytab"
A Mercurial bundle with a fix is attached, and here is the trivial patch to
put in the needed #include:
diff -r 43e55b9af85b src/auth/mech-gssapi.c
--- a/src/auth/mech-gssapi.c Mon Sep 01 15:02:49 2008 +0300
+++ b/src/auth/mech-gssapi.c Wed Sep 03 11:37:33 2008 -0400
@@ -22,6 +22,8 @@
#include "safe-memset.h"
#ifdef HAVE_GSSAPI
+
+#include <stdlib.h>
#ifndef HAVE___GSS_USEROK
# define USE_KRB5_USEROK
--
UNIX was not designed to stop you from doing stupid things, because that
would also stop you from doing clever things.
-- Doug Gwyn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stdlib.bundle
Type: application/octet-stream
Size: 575 bytes
Desc: stdlib.bundle
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20080903/edc8cf93/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20080903/edc8cf93/attachment-0002.bin>
Timo Sirainen
2008-Sep-11 15:49 UTC
[Dovecot] Dovecot 1.1.3 Kerberos5 GSSAPI bug (with patch)
On Wed, 2008-09-03 at 12:03 -0400, Matthew Wesley wrote:> The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line > 103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the > declaration for getenv(). Otherwise, the compiler uses the implicit return type > (int), which truncates the 8-byte pointer getenv() returns to a 4-byte value.Thanks, fixed.> A Mercurial bundle with a fix is attached, and here is the trivial patch to > put in the needed #include:Sorry, I didn't notice the bundle first so you didn't get your name to the commit. Maybe next time. :) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20080911/3da85b27/attachment-0002.bin>