This bug was fixed in the package krb5 - 1.12+dfsg-2ubuntu5
---------------
krb5 (1.12+dfsg-2ubuntu5) trusty; urgency=low
* Use ADD_METHOD_NOLOOP rather than ADD_METHOD for new GSS-API entry
points, avoids infinite recursive loop when a mechanism doesn't
provide an entry point and does include calls back into the mechglue
(LP: #1326500)
* Make libkadm5srv-mit8 be arch: any multi-arch: same to work around
upgrade bug (LP: #1334052)
* Use tailq macros to work around GCC 4.8 optimizer bug and prevent
infinite loop for database propagation (LP: #1347147)
-- Sam Hartman <hartm...@debian.org> Wed, 30 Jul 2014 21:06:49 -0400
** Changed in: krb5 (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1326500
Title:
libgssapi-krb5-2: segfault when mechglue loops endlessly on call to
gss_add_cred_from
Status in krb5 package in Ubuntu:
Fix Released
Status in krb5 source package in Trusty:
Fix Released
Bug description:
There's a bug fixed in krb5 1.12.1+dfsg-2 (just uploaded to Debian) where if
a gss-api mechanism is dynamically loaded, and that mechanism uses symbols from
libgssapi_krb5, and doesn't provide certain optional entry points added in krb5
1.12, then calling one of those entry points will cause the mechglue to call
itself. This results in an endless loop and the process eventually crashes on
stack exhaustion.
Unfortunately, one of the entry points, gss_add_cred_from is going to get
called quite commonly.
So, this means that if you're using Ubuntu to develop a GSS-API mechanism or
are installing a third party gss-api mechanism, things are going to crash,
mostly whenever anyone tries to use gss-api as a server, regardless of whether
they intended to use your application.
I'd like to see this fixed in trusty, so I'm giving a detailed repro below.
Patch against trusty coming shortly.
Apologies that the repro is a bit involved; there's not a mechanism packaged
in Ubuntu that easily exhibits this. However, you really ought to be able to
use Ubuntu to develop a GSS mechanism without crashing all your gss apps.
On a stock trusty system, first install the attached mech file as
/usr/etc/gss/mech (yes that's /usr/etc, not /etc) and then run the
following:
sudo add-apt-repository ppa:moonshot/daily
sudo apt-get update
4 sudo apt-get install bzr libkrb5-dev libradsec-dev libssl-dev
libjansson-dev autoconf automake libtool build-essential
bzr branch -r739 lp:moonshot
cd moonshot/
autoreconf -i
./configure --without-opensaml --without-shibresolver
make -j3
sudo make install
sudo apt-get install krb5-gss-samples
gss-server host@localhost
This will segfault
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1326500/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
