sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)

• Previous message: Kenny Olano: "RE: Compile sasl2 with mysql support"
• Next in thread: Howard Chu: "RE: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"
• Reply: Howard Chu: "RE: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I know that sasl-1.5.x is deprecated, but please bear with me. At this time,
I can't upgrade this system to cyrus-sasl-2.1.x.

I'm getting the following segfault when using ldapwhoami (or any other ldap* tool
from openldap) with digest-md5:

0x4035d756 in free () from /lib/libc.so.6
(gdb) bt
#0 0x4035d756 in free () from /lib/libc.so.6
#1 0x4005f30e in ber_memfree (p=0x804c16d) at memory.c:143
#2 0x4001a24c in free_prompts (params=0x804eb20, prompts=0x804ed80) at digestmd5.c:3300
#3 0x4001a93d in c_continue_step (conn_context=0x804ee10, params=0x804eb20, serverin=0x0,
    serverinlen=134541488, prompt_need=0xbfffef04, clientout=0xbfffef0c, clientoutlen=0xbfffeef4,
    oparams=0x804ea88) at digestmd5.c:3705
#4 0x4006ca19 in sasl_client_step (conn=0x0,
    serverin=0x804eec8 "realm=\"teste10.distro.conectiva\",nonce=\"RGLB4ylyXmUNvWVfmemGynHwDCKjiCZyxruM5M99S4A=\",qop=\"auth,auth-int,auth-conf\",cipher=\"rc4-40,rc4-56,rc4\",charset=utf-8,algorithm=md5-sess",
    serverinlen=175, prompt_need=0x8000000, clientout=0x8000000, clientoutlen=0x8000000) at client.c:702
#5 0x40035889 in ldap_int_sasl_bind () from /usr/lib/libldap.so.2
#6 0x400380e4 in ldap_sasl_interactive_bind_s () from /usr/lib/libldap.so.2
#7 0x0804a3e3 in tool_bind (ld=0x804e5f8) at common.c:674
#8 0x080492fc in main (argc=134539568, argv=0xbffff034) at ldapwhoami.c:121
#9 0x40307522 in __libc_start_main () from /lib/libc.so.6

I inserted this debug printfs in the free_prompts loop:
  do {
        printf("ptr=%p, ptr->result=%p\n", ptr, ptr->result); <===========
    if (ptr->result != NULL)
      params->utils->free(ptr->result);

    ptr++;
  } while (ptr->id != SASL_CB_LIST_END);

With MALLOC_CHECK_=1:

# export MALLOC_CHECK_=1
$ ldapwhoami
malloc: using debugging hooks
SASL/DIGEST-MD5 authentication started
Please enter your password:
ptr=0x804f110, ptr->result=0x804e978
ptr=0x804f128, ptr->result=0x804c14d
free(): invalid pointer 0x804c14d!
ptr=0x804f140, ptr->result=0x804f370
SASL username: andreas
SASL realm: teste10.distro.conectiva
SASL SSF: 128
SASL installing layers
dn:uid=andreas,cn=teste10.distro.conectiva,cn=digest-md5,cn=auth
free(): invalid pointer 0x804e978!
free(): invalid pointer 0x804f370!

The first prompt structure is "Authentication Name", the second one is "Authorization Name"
(where it segfaults) and the third one is "Password".

Any hints on where I should look? Or is the problem obvious to someone familiar with sasl?

• Previous message: Kenny Olano: "RE: Compile sasl2 with mysql support"
• Next in thread: Howard Chu: "RE: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"
• Reply: Howard Chu: "RE: sasl-1.5.27 and openldap-2.1.27 client segfault (bt available)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]