Debug logs kill radiusd on AlmaLinux 9.2 with SIGSEGV

Gerald Vogt vogt at spamcop.net
Fri May 26 15:23:34 UTC 2023 

Hi!

I am in the process of setting up freeradius-3.0.21-37.el9.x86_64 on a 
new AlmaLinux 9.2 server to migrate from our old centos 7 servers.

I have noticed that the server crashes with a segmentation fault if I 
enable debug logs (e.g. radiusd -X or with raddebug) and run a test with 
EAP-TLS.

The test works fine and succeeds without debug logging. So it's 
something which only happens during debug logging.

gdb backtrace from the core dump is

#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:74
#1  0x00007ff611284268 in __vfprintf_internal (s=s at entry=0x7ffcc44437e0, 
format=format at entry=0x564c843544b8 "(TLS) Creating attributes from %s 
certificate", ap=ap at entry=0x7ffcc44439c0,
     mode_flags=mode_flags at entry=2) at vfprintf-internal.c:1647
#2  0x00007ff61129487a in __vsnprintf_internal (string=0x7ffcc4443a20 
"(TLS) Creating attributes from ServerHelloDone\"\n", maxlen=<optimized 
out>,
     format=0x564c843544b8 "(TLS) Creating attributes from %s 
certificate", args=0x7ffcc44439c0, mode_flags=2) at vsnprintf.c:114
#3  0x00007ff611bec5dc in vsnprintf (__ap=0x7ffcc44439c0, 
__fmt=0x564c843544b8 "(TLS) Creating attributes from %s certificate", 
__n=10240,
     __s=0x7ffcc4443a20 "(TLS) Creating attributes from 
ServerHelloDone\"\n") at /usr/include/bits/stdio2.h:68
#4  vradlog_request (type=L_DBG, lvl=<optimized out>, 
request=0x564c85de2a30, msg=0x564c843544b8 "(TLS) Creating attributes 
from %s certificate", ap=0x7ffcc4446270) at src/main/log.c:695
#5  0x00007ff611bec801 in radlog_request (type=<optimized out>, 
lvl=<optimized out>, request=<optimized out>, msg=<optimized out>) at 
src/main/log.c:787
#6  0x0000564c8433b992 in ?? ()
#7  0x0000564c85c96368 in ?? ()
#8  0x0000564c85bf5aa0 in ?? ()
#9  0x3232363000000001 in ?? ()
#10 0x0000564c85c962d0 in ?? ()
#11 0x0000000000000003 in ?? ()
#12 0x3461626338663361 in ?? ()
#13 0x0000564c85d87380 in ?? ()
#14 0x0000564c85c96328 in ?? ()
#15 0x3039363639633635 in ?? ()
#16 0x6566323131383235 in ?? ()
#17 0x3563666364323264 in ?? ()
#18 0x0000000000000000 in ?? ()

It happens during handshake:

(11)   Auth-Type eap {
(11) eap: Expiring EAP session with state 0x923d2dbc9836205f
(11) eap: Finished EAP session with state 0x923d2dbc9836205f
(11) eap: Previous EAP request found for state 0x923d2dbc9836205f, 
released from the list
(11) eap: Peer sent packet with method EAP TLS (13)
(11) eap: Calling submodule eap_tls to process data
(11) eap_tls: (TLS) EAP Got final fragment (24 bytes)
(11) eap_tls: (TLS) EAP Done initial handshake
(11) eap_tls: (TLS) Handshake state - Server SSLv3/TLS write server done
(11) eap_tls: (TLS) recv TLS 1.2 Handshake, Certificate
Segmentation fault (core dumped)

Tested with two different client certificates...

Regards,

Gerald

More information about the Freeradius-Users mailing list