Bug 4190 - Sementation fault when using password component of pam_winbind
Summary: Sementation fault when using password component of pam_winbind
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.23c
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
URL: http://bugs.debian.org/395315
Keywords:
Depends on:
Blocks:
 
Reported: 2006-10-26 12:52 UTC by Christian Perrier (dead mail address)
Modified: 2006-11-29 13:58 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Perrier (dead mail address) 2006-10-26 12:52:07 UTC
From our user:

/usr/bin/passwd crashes with "Segmentation fault" when changing password.

passwd: password updated successfully
Segmentation fault

The password is acually changed OK, the crash comes during PAM cleanup.

The problem seems to be these lines form pam_sm_chauthtok() in
source/nsswitch/pam_winbind.c:

...
		time_t pwdlastset_prelim = 0;
...
		pam_set_data(pamh, PAM_WINBIND_PWD_LAST_SET, (void *)pwdlastset_prelim,  _pam_winbind_cleanup_func);
...

Although this strange type conversion from (time_t) to (void *) seems to work,
bad things happen when _pam_winbind_cleanup_func() cllas free() on the value
during PAM cleanup.

Using

pam_set_data( ... , NULL);

instead seems to resolve this problem (I do not know if NULL is allowed
for this argument. It seems to work).
Comment 1 Christian Perrier (dead mail address) 2006-11-29 13:54:26 UTC
Our users reports that the bug has been fixed in 3.0.23d. If he's right, I suggest setting that bug report to FIXED
Comment 2 Guenther Deschner 2006-11-29 13:58:14 UTC
Yes, I did fix that (and wasn't even aware of this good error report ;-)).

Thanks.