Dumps core upon malformed /etc/krb5.conf
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
portable OpenSSH |
Invalid
|
Undecided
|
Unassigned | ||
openssh-krb5 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: ssh-krb5
The ssh-client in ssh-krb5 dumps core with a malformed /etc/krb5.conf. To reproduce, set the default_
berge@orakel-
Try to ssh somewhere:
berge@orakel-
OpenSSH_3.8.1p1 Debian-krb5 3.8.1p1-10build1, OpenSSL 0.9.8b 04 May 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to login.samfundet.no [129.241.93.19] port 22.
debug1: Connection established.
debug1: identity file /home/berge/
debug1: identity file /home/berge/
debug1: identity file /home/berge/
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 Debian-krb5 3.8.1p1-10
debug1: match: OpenSSH_3.8.1p1 Debian-krb5 3.8.1p1-10 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-
debug3: Trying to reverse map address 129.241.93.19.
debug1: Miscellaneous failure
Improper format of Kerberos configuration file
debug1: Miscellaneous failure
Improper format of Kerberos configuration file
*** glibc detected *** ssh: free(): invalid pointer: 0xbff470ec ***
======= Backtrace: =========
/lib/tls/
/lib/tls/
/usr/lib/
/usr/lib/
ssh[0x8070a50]
ssh[0x8070c64]
ssh[0x8058d23]
ssh[0x805333c]
ssh[0x804d3e0]
/lib/tls/
ssh[0x804bda1]
======= Memory map: ========
08048000-08081000 r-xp 00000000 08:02 1749910 /usr/bin/ssh
08081000-08082000 rw-p 00039000 08:02 1749910 /usr/bin/ssh
08082000-080a5000 rw-p 08082000 00:00 0 [heap]
b7a00000-b7a21000 rw-p b7a00000 00:00 0
b7a21000-b7b00000 ---p b7a21000 00:00 0
b7b9f000-b7ba9000 r-xp 00000000 08:02 2472282 /lib/libgcc_s.so.1
b7ba9000-b7baa000 rw-p 00009000 08:02 2472282 /lib/libgcc_s.so.1
b7baa000-b7bae000 r-xp 00000000 08:02 2469238 /lib/tls/
b7bae000-b7bb0000 rw-p 00003000 08:02 2469238 /lib/tls/
b7bb0000-b7bb9000 r-xp 00000000 08:02 2469240 /lib/tls/
b7bb9000-b7bbb000 rw-p 00008000 08:02 2469240 /lib/tls/
b7bbb000-b7bc3000 r-xp 00000000 08:02 2469244 /lib/tls/
b7bc3000-b7bc5000 rw-p 00007000 08:02 2469244 /lib/tls/
b7bc5000-b7bcc000 r-xp 00000000 08:02 2469236 /lib/tls/
b7bcc000-b7bce000 rw-p 00006000 08:02 2469236 /lib/tls/
b7bce000-b7bd0000 rw-p b7bce000 00:00 0
b7bd0000-b7bd2000 r-xp 00000000 08:02 2469213 /lib/tls/
b7bd2000-b7bd4000 rw-p 00001000 08:02 2469213 /lib/tls/
b7bd4000-b7d01000 r-xp 00000000 08:02 2469194 /lib/tls/
b7d01000-b7d03000 r--p 0012c000 08:02 2469194 /lib/tls/
b7d03000-b7d05000 rw-p 0012e000 08:02 2469194 /lib/tls/
b7d05000-b7d08000 rw-p b7d05000 00:00 0
b7d08000-b7d17000 r-xp 00000000 08:02 2469260 /lib/tls/
b7d17000-b7d19000 rw-p 0000f000 08:02 2469260 /lib/tls/
b7d19000-b7d1b000 rw-p b7d19000 00:00 0
b7d1b000-b7d1d000 r-xp 00000000 08:02 2469179 /lib/libcom_
b7d1d000-b7d1e000 rw-p 00001000 08:02 2469179 /lib/libcom_
b7d1e000-b7d22000 r-xp 00000000 08:02 1754792 /usr/lib/
b7d22000-b7d23000 rw-p 00003000 08:02 1754792 /usr/lib/
b7d23000-b7d47000 r-xp 00000000 08:02 1754789 /usr/lib/
b7d47000-b7d48000 rw-p 00023000 08:02 1754789 /usr/lib/
b7d48000-b7d49000 rw-p b7d48000 00:00 0
b7d49000-b7dc3000 r-xp 00000000 08:02 1754791 /usr/lib/
b7dc3000-b7dc5000 rw-p 0007a000 08:02 1754791 /usr/lib/
b7dc5000-b7de0000 r-xp 00000000 08:02 1754788 /usr/lib/
b7de0000-b7de1000 rw-p 0001b000 08:02 1754788 /usr/lib/
b7de1000-b7de6000 r-xp 00000000 08:02 2469206 /lib/tls/
b7de6000-b7de8000 rw-p 00004000 08:02 2469206 /lib/tls/
b7de8000-b7e0f000 rw-p b7de8000 00:00 0
b7e0f000-b7e21000 r-xp 00000000 08:02 2469234 /lib/tls/
b7e21000-b7e23000 rw-p 00011000 08:02 2469234 /lib/tls/
b7e23000-b7e25000 rw-p b7e23000 00:00 0
b7e25000-b7e38000 r-xp 00000000 08:02 1752782 /usr/lib/
b7e38000-b7e39000 rw-p 00012000 08:02 1752782 /usr/lib/
b7e39000-b7e3b000 r-xp 00000000 08:02 2472280 /lib/tls/
b7e3b000-b7e3d000 rw-p 00001000 08:02 2472280 /lib/tls/
b7e3d000-b7e3e000 rw-p b7e3d000 00:00 0
b7e3e000-b7f60000 r-xp 00000000 08:02 1815904 /usr/lib/
b7f60000-b7f75000 rw-p 00121000 08:02 1815904 /usr/lib/
b7f75000-b7f78000 rw-p b7f75000 00:00 0
b7f78000-b7f87000 r-xp 00000000 08:02 2469264 /lib/tls/
b7f87000-b7f89000 rw-p 0000f000 08:02 2469264 /lib/tls/
b7f89000-b7f8b000 rw-p b7f89000 00:00 0
b7f9d000-b7f9f000 rw-p b7f9d000 00:00 0
b7f9f000-b7fb8000 r-xp 00000000 08:02 2473770 /lib/ld-2.4.so
b7fb8000-b7fba000 rw-p 00018000 08:02 2473770 /lib/ld-2.4.so
bff33000-bff48000 rw-p bff33000 00:00 0 [stack]
ffffe000-fffff000 ---p 00000000 00:00 0 [vdso]
Aborted (core dumped)
The sensible action would probably be to inform the user that the configuration file is malformed, and exit gracefully. The even better thing to do, would be to continue anyway.
This bug might be related to bug #50680.
Changed in openssh-krb5: | |
status: | Unconfirmed → Confirmed |
outdated version; no more support expected