[Dovecot] Dovecot 1.1.3 Kerberos5 GSSAPI bug (with patch)
Matthew Wesley
weslem-dovecot at uncia.us
Wed Sep 3 19:03:26 EEST 2008
The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line
103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the
declaration for getenv(). Otherwise, the compiler uses the implicit return type
(int), which truncates the 8-byte pointer getenv() returns to a 4-byte value.
This causes a segfault on subsequent reads. Here is debugger output
illustrating the problem:
(gdb) list 106
101 const char *path;
102
103 path = getenv("KRB5_KTNAME");
104 if (path != NULL) {
105 #ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
106 gsskrb5_register_acceptor_identity(path);
107 #elif defined (HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
108 krb5_gss_register_acceptor_identity(path);
109 #endif
110 }
(gdb) p/x getenv("KRB5_KTNAME")
$32 = 0xb0d7aef7
(gdb) x/s 0xb0d7aef7
0xb0d7aef7: <Address 0xb0d7aef7 out of bounds>
(gdb) x/s 0x7fffb0d7aef7
0x7fffb0d7aef7: "/etc/dovecot/dovecot.keytab"
A Mercurial bundle with a fix is attached, and here is the trivial patch to
put in the needed #include:
diff -r 43e55b9af85b src/auth/mech-gssapi.c
--- a/src/auth/mech-gssapi.c Mon Sep 01 15:02:49 2008 +0300
+++ b/src/auth/mech-gssapi.c Wed Sep 03 11:37:33 2008 -0400
@@ -22,6 +22,8 @@
#include "safe-memset.h"
#ifdef HAVE_GSSAPI
+
+#include <stdlib.h>
#ifndef HAVE___GSS_USEROK
# define USE_KRB5_USEROK
--
UNIX was not designed to stop you from doing stupid things, because that
would also stop you from doing clever things.
-- Doug Gwyn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stdlib.bundle
Type: application/octet-stream
Size: 575 bytes
Desc: stdlib.bundle
Url : http://dovecot.org/pipermail/dovecot/attachments/20080903/edc8cf93/attachment.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20080903/edc8cf93/attachment.bin
More information about the dovecot
mailing list