Evolution MAPI crashes with SIGSEGV in several places

Bug #758993 reported by Michael Poole
This bug affects 1 person
Affects                   Status   Importance   Assigned to   Milestone
evolution-mapi (Ubuntu)   New      Undecided    Unassigned

Bug Description

Binary package hint: evolution-mapi

When configuring the MAPI bridge for Evolution on a machine that uses Kerberos 5, everything works if I use the server's IP address, but it crashes if I use the server's name. This seems to be due to the process linking both libkrb5.so.3 and libgensec.so.0, which have identically named exports with different ABIs.

For example, the first place it crashes is due to libgensec.so.0 calling libkrb5.so.3's krb5_appdefault_string(): The Samba version of this function allows a NULL def_value (default value) parameter, but the Kerberos 5 version crashes because it tries to strdup() the NULL pointer (and strdup(NULL) has undefined behavior according to the C standard).

#0 __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:31
#1 0x00007fffef973b76 in __strdup (s=0x0) at strdup.c:42
#2 0x00007fffeded8d38 in krb5_appdefault_string (context=<value optimized out>, appname=<value optimized out>,
    realm=<value optimized out>, option=<value optimized out>, default_value=0x0, ret_value=0x7fffffffc970)
    at ../../../../src/lib/krb5/krb/appdefault.c:167
#3 0x00007fffdd9ae23e in krb5_appdefault_time () from /usr/lib/libgensec.so.0
#4 0x00007fffdd9cde63 in krb5_get_init_creds_opt_set_default_flags () from /usr/lib/libgensec.so.0
#5 0x00007fffdd90ba9d in kerberos_kinit_password_cc () from /usr/lib/libgensec.so.0
#6 0x00007fffdd915253 in kinit_to_ccache () from /usr/lib/libgensec.so.0
#7 0x00007fffdd913c15 in cli_credentials_get_named_ccache () from /usr/lib/libgensec.so.0

This first crash can be worked around by adding ticket_lifetime and renew_lifetime values to the [appdefaults] section of /etc/krb5.conf. The second place it crashes is a short while later, and does not appear amenable to a workaround:

#0 0x00007fffdd9ce26c in krb5_get_init_creds_opt_set_addressless () from /usr/lib/libgensec.so.0
#1 0x00007fffdd9cdf63 in krb5_get_init_creds_opt_set_default_flags () from /usr/lib/libgensec.so.0
#2 0x00007fffdd90ba9d in kerberos_kinit_password_cc () from /usr/lib/libgensec.so.0
#3 0x00007fffdd915253 in kinit_to_ccache () from /usr/lib/libgensec.so.0
#4 0x00007fffdd913c15 in cli_credentials_get_named_ccache () from /usr/lib/libgensec.so.0

Judging from the assembly code, the line that faults is this one from samba4/heimdal/lib/krb5/init_creds.c:

  opt->opt_private->addressless = KRB5_INIT_CREDS_TRISTATE_TRUE;

where the "opt" struct appears to use the definition and layout from libkrb5.so.3, which is missing several fields that the Samba library expects (opt_private being one of them).

Ubuntu: 10.10
libgensec0: 4.0.0~alpha13+git+bzr12984.dfsg1-0ubuntu1
libkrb5-3: 1.8.1+dfsg-5ubuntu0.6
evolution-mapi: 0.30.3-1ubuntu1
evolution: 2.30.3-1ubuntu7.3
(other package versions available upon request)
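
Added example (not part of the original report): a Python check that lists dynamic symbols defined by two shared libraries at once, which is the condition the report describes for libkrb5.so.3 and libgensec.so.0. The two nm listings are constructed samples with made-up addresses, and the helper names parse_nm, colliding_exports and nm_dynamic are hypothetical.

```python
import subprocess

# Type letters `nm -D` prints for defined, globally visible symbols.
# 'U' (undefined, i.e. imported) is deliberately not in this set.
DEFINED_TYPES = set("TDBRWVi")

def parse_nm(output):
    """Return {symbol: version or None} for defined dynamic symbols."""
    exports = {}
    for line in output.splitlines():
        fields = line.split()
        # Defined symbols have three fields (address, type, name);
        # undefined ones have only two and are skipped here.
        if len(fields) != 3 or fields[1] not in DEFINED_TYPES:
            continue
        # Versioned exports look like name@@VERSION or name@VERSION.
        name, _, version = fields[2].partition("@")
        exports[name] = version.lstrip("@") or None
    return exports

def colliding_exports(nm_a, nm_b, prefix=""):
    """Names defined by both libraries, with each side's version tag."""
    a, b = parse_nm(nm_a), parse_nm(nm_b)
    return sorted((n, a[n], b[n]) for n in a.keys() & b.keys()
                  if n.startswith(prefix))

def nm_dynamic(path):
    """Run nm on a real library to obtain input for parse_nm()."""
    return subprocess.run(["nm", "-D", "--defined-only", path],
                          check=True, capture_output=True, text=True).stdout

# Constructed sample listings (addresses and version tags are illustrative).
SAMPLE_LIBKRB5 = """\
0000000000041c80 T krb5_appdefault_boolean@@krb5_3_MIT
0000000000041d10 T krb5_appdefault_string@@krb5_3_MIT
                 U strdup
"""
SAMPLE_LIBGENSEC = """\
00000000000ab000 T kinit_to_ccache
00000000000ae1f0 T krb5_appdefault_string
00000000000ae200 T krb5_appdefault_time
00000000000ce260 T krb5_get_init_creds_opt_set_addressless
"""

if __name__ == "__main__":
    for name, ver_a, ver_b in colliding_exports(
            SAMPLE_LIBKRB5, SAMPLE_LIBGENSEC, prefix="krb5_"):
        print(f"{name}: first={ver_a or 'unversioned'} "
              f"second={ver_b or 'unversioned'}")
```

On a live system, pass nm_dynamic() output for the two library paths to colliding_exports() in place of the sample strings.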
