smbclient crashed with SIGSEGV in strlen()

StacktraceTop:strlen () from /lib/tls/i686/cmov/libc.so.6
strdup () from /lib/tls/i686/cmov/libc.so.6
cli_list_new () from /usr/bin/smbclient
cli_list () from /usr/bin/smbclient
do_list () from /usr/bin/smbclient

same thing happened to me when trying to use the "ls" command in smbclient.

The same happens to me

richard@richard-laptop:~$ smbclient //192.168.1.105/VIDEO -N
Domain=[WORKGROUP] OS=[R] Server=[R]
smb: \> ls
cli_list_new: Error: unable to parse name from info level 1
Segmentation fault

The following is in /var/log/messages

Nov 1 03:37:47 richard-laptop kernel: [ 2074.222718] smbclient[9222]: segfault at 0 ip b7a672c3 sp bfa65abc error 4 in libc-2.8.90.so[b79f0000+158000]

Entering the following URL in nautilus: smb://192.168.1.105/VIDEO, in a odd fashion, nautilus changes to my home directory.

The following in /var/log/messages

Nov 1 03:43:06 richard-laptop kernel: [ 2392.915829] gvfsd-smb[9472]: segfault at 0 ip b79472c3 sp b73c1c9c error 4 in libc-2.8.90.so[b78d0000+158000]

I should also point out that the NAS I was using in the examples above was a:

Iomega Home Network Harddrive

http://www.iomega-europe.com/section?SID=86c57e53b9aa65a3d50a6a655559f6727dd:4745&secid=76622

same problem with my laptop on ubuntu 8.10:

xxxxx@ubuntu:/etc/samba$ smbclient //fnd/public
Enter xxxxxx's password:
Domain=[ȇ] OS=[] Server=[���]
smb: \> ls
cli_list_new: Error: unable to parse name from info level 1
Erreur de segmentation

* Note1: FND is a freecom ethernet hdd
* Note2: no problem with my eeepc on eeebuntu to access the content of FND
* Note3: i have another ethernet HDD (a ASUS one) and for this one I can list contents of the shares using smbclient on my ubuntu laptop

thx

I took the name from deb file, I hoe it's all right...

Here's the quick workaround. I'm neither samba nor Ubuntu developer - it's just a fix for this particular crash. I haven't go faintest idea about the actual source of the problem.

$ diff -u samba-3.2.3/source/libsmb/clilist.c samba-3.2.3/source/libsmb/clilist.c.orig
--- samba-3.2.3/source/libsmb/clilist.c 2008-11-16 18:22:03.399036086 +0000
+++ samba-3.2.3/source/libsmb/clilist.c.orig 2008-08-27 12:23:20.000000000 +0100
@@ -417,7 +417,7 @@
   }

   SAFE_FREE(mask);
- if (ff_searchcount > 0 && finfo.name) {
+ if (ff_searchcount > 0) {
    mask = SMB_STRDUP(finfo.name);
   } else {
    mask = SMB_STRDUP("");

I was using https://wiki.ubuntu.com/PbuilderHowto to build the binary. The deb file generated by me (one of 15 deb files pbuild has creaded) is attached. it. It works for me.

BTW. Could someone from Samba and/or Ubuntu development team take a look at that and release a proper deb file, please?

Cheers,
Tomek

I've just noticed the patch is reversed. It should be:

$ diff -u samba-3.2.3/source/libsmb/clilist.c.orig samba-3.2.3/source/libsmb/clilist.c
--- samba-3.2.3/source/libsmb/clilist.c.orig 2008-08-27 12:23:20.000000000 +0100
+++ samba-3.2.3/source/libsmb/clilist.c 2008-11-16 18:22:03.399036086 +0000
@@ -417,7 +417,7 @@
   }

   SAFE_FREE(mask);
- if (ff_searchcount > 0) {
+ if (ff_searchcount > 0 && finfo.name) {
    mask = SMB_STRDUP(finfo.name);
   } else {
    mask = SMB_STRDUP("");

Cheers
Tomek

Hi,

I've just noticed that my patch stops samba from crashing but not all flies are visible.

Cheers,
Tomek

Hi,

There was an update of samba but it still does NOT work for me.

I've got samba and libsmbclient in version 2:3.2.3-1ubuntu3.1 and the same bug is still present. I've applied my patch and the behaviour is unchanged. Without the patch it crashes, with the patch it works but no all files are visible.

Cheers,
Tomek

I am now running smbclient 3.2.3 I am still experiencing the same problem with my NAS an Iomega Home Network Harddrive.

This is 100% reproducable on my setup, I would really appreciate if this bug can be looked at as it is the biggest hassle I have after upgrading to Intrepid Ibex.

Could you determine what version of samba the affected NAS are running ? It might be a variant of bug 286828.

Mine is simply called LanDrive: http://www.usbex.com/landrive/

The NAS is Iomega Home Network Harddrive, the 500mb model.

IOMega website Link:
http://www.iomega-europe.com/section?SID=86c57e53b9aa65a3d50a6a655559f6727dd:4745&secid=76622

The NAS It is running the most current firmware K1.08 L1.0 W1.5
Downloadable here http://is.gd/9VJ3

The NAS is pretty much a closed box and I do not know how to diagnose which version of Samba it is running, if you can send me instructions on how to determine the Samba version on the NAS I could run them.

This is some output of communicating with the device

richard@richard-laptop:~$ smbclient -L 192.168.1.102 -U%
Domain=[WORKGROUP] OS=[R] Server=[R]

 Sharename Type Comment
 --------- ---- -------
 MUSIC Disk
 VIDEO Disk
 PHOTO Disk
 DOCS Disk
 SOFTWARE Disk
 DOWNLOADS Disk
 David Green Disk
 PUBLIC Disk
 BACKUP Disk
 IPC$ IPC
Domain=[WORKGROUP] OS=[R] Server=[R]

 Server Comment
 --------- -------

 Workgroup Master
 --------- -------
richard@richard-laptop:~$

would it help if I capture packets as documented here:
http://wiki.samba.org/index.php/Capture_Packets

The server name is apparently hidden in the server output ("[R]").
It's a probably a separate issue from bug 286828, since it shows directly using smbclient.

What happens if you try to mount the share (through /etc/fstab or directly using nautilus) ?

Accessing directly through Nautilus fails, see bug 264943 (gvfsd-smb crashed with SIGSEGV in strlen()), In very much the same way because both seem to use libsmbclient.so.0 underneath.

The nautilus UI also crashes and sends you to your home directory. e.g. if I type smb://192.168.1.106/video, it will start - crash - then the nautilus view will become /home/richard

Mounting using this method does work:

sudo smbmount \\\\192.168.1.102\\video video

I will attempt /etc/fstab when I get home (the notebook is used away from the NAS, and then I connect in the evenings), but I predict it will also work like the smbmount command.

I find the method of using Nautilus the most convenient way for me to access this device.

I post here since we talk about smbclient here, and I feel it makes more sense here than in the duplicate bug.

Same problem on my NAS, a Packard Bell Netstore 3500 device.

Fully patched Intrepid amd64.

I tried the -d2 switch which has among others these messages:
tdb(unnamed): tdb_open_ex: could not open file /var/run/samba/gencache.tdb: Permission denied
tdb(unnamed): tdb_open_ex: could not open file /var/run/samba/unexpected.tdb: No such file or directory
error connecting to 192.168.1.33:445 (Connection refused)
Connecting to 192.168.1.33 at port 139

I am asked for a password even though this is disabled on the NAS-device. I hit Enter with an empty password:

Enter username's password:
Domain=[ȇ] OS=[] Server=[���]
dos_clean_name [(null)]
smb: \> cd test
dos_clean_name [\test\]
unix_clean_name [\test\]
dos_clean_name [\test\\]
unix_clean_name [\test\]

smb: \test\>
smb: \test\> ls
cli_list_new: Error: unable to parse name from info level 1
Segmentation fault

/var/log/messages has:
Dec 13 14:50:32 my-desktop kernel: [ 2246.564624] smbclient[6080]: segfault at 0 ip 00007f9ea2a6c6b0 sp 00007fffad2b4bf8 error 4 in libc-2.8.90.so[7f9ea29ea000+169000]

To Ubuntu Intrepid users experiencing these bugs:

For Debian, I prepared samba 3.2.5 packages that supposedly fix them:

  * Fix segfault whan accessign some NAS devices running old versions of Samba
    Closes: #500129
  * Fix process crush when using gethostbyname_r in several threads
    Closes: #509101, #510450

It would help a lot if you could test these packages. I suppose they
will work properly on Ubuntu Intrepid but I haven't check this in
reality.

These packages are apt-get'able:

deb http://pkg-samba.alioth.debian.org/packages-prospective/ ./
deb-src http://pkg-samba.alioth.debian.org/packages-prospective/ ./

Please note that using this source will upgrade any existing samba
binary package on your systems. No *other* package should be upgraded
by this operation.

If you use aptitude, I recommend you "simpulate" the upgrade:

aptitude update
aptitude -s upgrade

Please also note that reverting back to official Ubuntu packages would
be recommended after this test, otherwise you might be later left
with packages for which no more security updates will come.

Still, if some of you could test and report if issues are fixed, that
would help greatly to improve samba packages in Debian, which in turn
will participate to the improvement of samba packages in Ubuntu.