received signal SIGSEGV, Segmentation fault. malloc_consolidate (av=0x7ffff5e2de80) at malloc.c:5196

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Dec 12 19:00:26 CET 2013


> BT: 
> rad_recv: Access-Request packet from host 127.0.0.1 port 42335, id=16, length=103
>        User-Name = 'hachmer'
>        User-Password = 'pass'
>        NAS-IP-Address = 127.0.0.1
>        NAS-Port = 0
>        Message-Authenticator = 0xecaf11b4272d31821075a076004c4808
> (4) # Executing section authorize from file /etc/raddb/sites-enabled/default
> (4)   authorize {
> (4)   filter_username filter_username {
> (4)    ? if (User-Name != "%{tolower:%{User-Name}}") 
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x00007ffff5b04285 in malloc_consolidate () from /lib64/libc.so.6

*sigh* It's a double free in libkrb5.

They free ctx->plugin_base_dir in krb5_free_context, but don't strdup it in krb5_copy_context.

The proper struct is hidden, only the type is exposed

FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131212/b3e6b0e9/attachment.pgp>


More information about the Freeradius-Users mailing list