Bug 8446 - While running the "net ads gpo list" command it is possible for the net command to produce a segmentation fault
Summary: While running the "net ads gpo list" command it is possible for the net comma...
Status: RESOLVED WORKSFORME
Alias: None
Product: Samba 3.5
Classification: Unclassified
Component: Client Tools (show other bugs)
Version: 3.5.11
Hardware: x64 Linux
: P5 minor
Target Milestone: ---
Assignee: Guenther Deschner
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-08 22:25 UTC by Joshua Hawkinson (mail address dead)
Modified: 2014-01-08 14:19 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Joshua Hawkinson (mail address dead) 2011-09-08 22:25:00 UTC 
While playing around to see if the new GPO facilities of net were useful I've stumbled across a seg fault.  Even while running the command under debug 10 the fault was not apparent.  We have a preload that loads in a signal handler and gdb that dumps back traces though.  This is easily reproducible by running the following steps

1) join an ADS domain
2) attempt to list the GPOs for the administrator account
   net ads gpo list administrator --machine-pass, or -Uadministrator%password

The problem here is that it looks like the net utility doesn't pickup the signal so there is no panic / backtrace in the samba logs... so you'll need a debugging tool to catch it... Here however is the backtrace reported on my system

-sh-3.2# cat /tmp/segv_net.27945.out
0xffffe430 in __kernel_vsyscall ()
#0  0xffffe430 in __kernel_vsyscall ()
No symbol table info available.
#1  0xf6da1bf3 in __waitpid_nocancel () from /lib/libc.so.6
No symbol table info available.
#2  0xf6d3e3ab in do_system () from /lib/libc.so.6
No symbol table info available.
#3  0xf709842e in segv_handler () from /lib/segv_handler.so
No symbol table info available.
#4  <signal handler called>
No symbol table info available.
#5  0xf73090ff in ndr_print_security_descriptor ()
No symbol table info available.
#6  0xf7303c5f in ndr_print_debug ()
No symbol table info available.
#7  0xf75f89f8 in dump_gpo ()
No symbol table info available.
#8  0xf75f8a38 in dump_gpo_list ()
No symbol table info available.
#9  0xf718e36e in net_ads_gpo_list ()
No symbol table info available.
#10 0xf718b180 in net_run_function ()
No symbol table info available.
#11 0xf718ea7a in net_ads_gpo ()
No symbol table info available.
#12 0xf718b180 in net_run_function ()
No symbol table info available.
#13 0xf715a2a5 in net_ads ()
No symbol table info available.
#14 0xf718b180 in net_run_function ()
No symbol table info available.
#15 0xf7153afa in main ()
No symbol table info available.
A debugging session is active.

        Inferior 1 [process 27945] will be detached.

Quit anyway? (y or n) [answered Y; input not from terminal]

This is a stock 2003r2 domain controller... virtually no modifications.
Comment 1 Volker Lendecke 2011-09-09 08:34:03 UTC 
Can you install the debuginfo packages and run the command under valgrind?
Comment 2 Guenther Deschner 2014-01-08 14:19:43 UTC 
Could not reproduce (and tried hard). Closing.