Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)

To: "Livingston\, John A" <john.a.livingston@boeing.com>
Cc: "512410\@bugs.debian.org" <512410@bugs.debian.org>, "Robertson\, Matthew L" <Matthew.L.Robertson@boeing.com>
Subject: Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
From: Russ Allbery <rra@debian.org>
Date: Wed, 06 Jun 2012 13:59:02 -0700
Message-id: <87mx4grwbt.fsf@windlord.stanford.edu>
Reply-to: Russ Allbery <rra@debian.org>, 512410@bugs.debian.org
In-reply-to: <6A1F4476-0A87-41EF-888D-4FA4BA43AE54@boeing.com> (John A. Livingston's message of "Wed, 6 Jun 2012 15:40:47 -0500")
References: <20120604215444.28606.41987.reportbug@khorium.exmeritus.com> <871uluybhr.fsf@windlord.stanford.edu> <44A1F1CF-AA98-40C6-8264-2658B5F4537C@boeing.com> <87ehpstear.fsf@windlord.stanford.edu> <6A1F4476-0A87-41EF-888D-4FA4BA43AE54@boeing.com>

"Livingston, John A" <john.a.livingston@boeing.com> writes:

> I couldn't (easily) convince sshd to create a core dump, so I just
> started it with gdb attached and then tried a password
> connect. Backtrace is below. Let me know if you want to me to dump out
> anything in particular from any of the frames.

> Program received signal SIGSEGV, Segmentation fault.
> _int_free (av=0x7ffff6653e60, p=0x55544952454d5845) at malloc.c:4892
> 4892    malloc.c: No such file or directory.
> (gdb) where
> #0  _int_free (av=0x7ffff6653e60, p=0x55544952454d5845) at malloc.c:4892
> #1  0x00007ffff634b87c in *__GI___libc_free (mem=<optimized out>)
>     at malloc.c:3738
> #2  0x00007ffff68d182b in default_an_to_ln (
>     context=context@entry=0x5555557fb040, aname=aname@entry=0x5555557fb650,
>     lnsize=lnsize@entry=65, lname=lname@entry=0x7fffffffd760 "")
>     at ../../../../src/lib/krb5/os/an_to_ln.c:632

Ugh.  So it's segfaulting on a routine free().  That means memory
corruption somewhere.

Can you try running sshd -d under valgrind and see if it can spot where
the memory corruption is happening?

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
  - From: John Livingston <John.A.Livingston@boeing.com>
- Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
  - From: Russ Allbery <rra@debian.org>
- Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
  - From: "Livingston, John A" <john.a.livingston@boeing.com>
- Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
  - From: Russ Allbery <rra@debian.org>
- Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
  - From: "Livingston, John A" <john.a.livingston@boeing.com>

Prev by Date: Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
Next by Date: Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
Previous by thread: Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
Next by thread: Bug#512410: openssh-server: sshd segfaults (suppose libc or libpam-mount related)
Index(es):
- Date
- Thread