Bug 14344 - smbclient core with double free (with unresolved krb5 credential cache)
Summary: smbclient core with double free (with unresolved krb5 credential cache)
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Tools (show other bugs)
Version: 4.11.7
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
: 14353 (view as bug list)
Depends on:
Blocks:
 
Reported: 2020-04-14 11:04 UTC by Noel Power
Modified: 2020-04-22 07:24 UTC (History)
2 users (show)

See Also:


Attachments
propsed patch for master (3.70 KB, patch)
2020-04-14 11:07 UTC, Noel Power
no flags Details
propsed patch for master (3.69 KB, patch)
2020-04-14 11:17 UTC, Noel Power
vl: review+
Details
patch for 4.11 cherry picked from master (3.88 KB, patch)
2020-04-15 09:02 UTC, Noel Power
vl: review+
Details
patch for 4.12 cherry picked from master (3.88 KB, patch)
2020-04-15 09:02 UTC, Noel Power
vl: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Noel Power 2020-04-14 11:04:22 UTC

    
Comment 1 Noel Power 2020-04-14 11:07:05 UTC
Created attachment 15908 [details]
propsed patch for master
Comment 2 Noel Power 2020-04-14 11:12:27 UTC
If there is a problem reading credential cache then smbclient can core with double free.

e.g. something like

smbclient -L //foo.bar.com

can result in


Enter TUX-NET\tux's password: 
Failed to resolve credential cache 'DIR:/run/user/1000/krb5cc'! (No credentials cache found)
*** Error in `smbclient': double free or corruption (fasttop): 0x0000560cd2ea8890 ***
Aborted (core dumped)
Comment 3 Noel Power 2020-04-14 11:17:57 UTC
Created attachment 15909 [details]
propsed patch for master

new version (fixed a typo)
Comment 4 Noel Power 2020-04-15 09:02:20 UTC
Created attachment 15911 [details]
patch for 4.11 cherry picked from master
Comment 5 Noel Power 2020-04-15 09:02:40 UTC
Created attachment 15912 [details]
patch for 4.12 cherry picked from master
Comment 6 Noel Power 2020-04-15 09:04:03 UTC
assign to Karolin for 4.12 & 4.11 inclusion
Comment 7 Karolin Seeger 2020-04-15 11:57:37 UTC
(In reply to Noel Power from comment #6)
Pushed to autobuild-v4-{11,12}-test.
Comment 8 Karolin Seeger 2020-04-17 08:53:34 UTC
(In reply to Karolin Seeger from comment #7)
Pushed to both branches.
Closing out bug report.

Thanks!
Comment 9 Stefan Metzmacher 2020-04-22 07:24:23 UTC
*** Bug 14353 has been marked as a duplicate of this bug. ***