Issue #49649: pwdhash segfaults when CRYPT storage scheme is used - 389-ds-base

389-ds-base

#49649 pwdhash segfaults when CRYPT storage scheme is used

Closed: wontfix 5 years ago Opened 6 years ago by mreynolds.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1570649

Description of problem:
pwdhash -s CRYPT Secret123
Segmentation fault (core dumped)

Version-Release number of selected component (if applicable):
389-ds-base-1.3.7.5-18.el7.x86_64

How reproducible:
always


Additional info:
(gdb) r
Starting program: /usr/bin/pwdhash -s CRYPT Secret123
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
__GI___pthread_mutex_lock (mutex=mutex@entry=0x0) at
../nptl/pthread_mutex_lock.c:66
66        unsigned int type = PTHREAD_MUTEX_TYPE_ELISION (mutex);
(gdb) bt
#0  __GI___pthread_mutex_lock (mutex=mutex@entry=0x0) at
../nptl/pthread_mutex_lock.c:66
#1  0x00007ffff60a4ed9 in PR_Lock (lock=0x0) at
../../../nspr/pr/src/pthreads/ptsynch.c:176
#2  0x00007ffff09aaef1 in crypt_pw_enc_by_hash (pwd=0x555555f5a4e0 "Secret123",
hash_algo=0) at ldap/servers/plugins/pwdstorage/crypt_pwd.c:116
#3  0x0000555555555cdf in main (argc=4, argv=0x7fffffffddc8) at
ldap/servers/slapd/tools/pwenc.c:243

Metadata Update from @mreynolds:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1570649

6 years ago

mreynolds commented 6 years ago

This fix just removes the lock, and uses reentrant crypt_r() instead.

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to review
- Custom field type adjusted to None
- Custom field version adjusted to None

6 years ago

spichugi commented 6 years ago

dirsrvtests/tests/suite/password passes on 389-ds-base-1.4.0.8-20180424git45fefd5.fc27.x86_64
and 'pwdhash -s CRYPT Secret123' doesn't give a segfault.

Also, the code looks good to me. Seems pretty straightforward according to https://linux.die.net/man/3/crypt_r

Ack from me.

mreynolds commented 6 years ago

Thanks @spichugi

d357888..530a2db master -> master

8505cb8..183bacd 389-ds-base-1.3.8 -> 389-ds-base-1.3.8

f0eaa2a..9b1ad54 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to ack (was: review)

6 years ago

mreynolds commented 5 years ago

a589008..2817f0c 389-ds-base-1.3.8 -> 389-ds-base-1.3.8

056d75c..f30e15c 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

master branch had the correct header

Metadata Update from @mreynolds:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

5 years ago

spichugi commented 3 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2708

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

3 years ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

1.3.7.0

reviewstatus

ack

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1570649

origin

None

Attachments 1

0001-Ticket-49649-Use-reentrant-crypt_r.patch

Attached 6 years ago View Comment

389-ds-base

Source Code

#49649 pwdhash segfaults when CRYPT storage scheme is used Closed: wontfix 5 years ago Opened 6 years ago by mreynolds.

Metadata

Attachments 1

#49649 pwdhash segfaults when CRYPT storage scheme is used

Closed: wontfix 5 years ago Opened 6 years ago by mreynolds.