[Swan-dev] core dump since a week in xauth-pluto-20-pam-timeout
Andrew Cagney
andrew.cagney at gmail.com
Sat Dec 16 23:25:31 UTC 2017
I'd suspect a use after free - *xauth would contain gibberish.
It looks like xauth_pam_abort() is freeing the object instead of
leaving it to xauth_pam_child_cleanup().
On 16 December 2017 at 13:14, Antony Antony <antony at phenome.org> wrote:
> Hi
>
> I noticed a coredump in xauth-pluto-20-pam-timeout since week or so.
> I think it is related to a recent fixes to xauth pam stuff around Dec 5th
> or so.
>
> It is happening when shutting down the host, after the test case.
>
> ../bin/check-for-core.sh
> CORE FOUND: /tmp/core.east.pluto.2260
> [New LWP 2260]
> [New LWP 2265]
> [New LWP 2266]
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> Core was generated by `PATH/libexec/ipsec/pluto --leak-detective --config
> /etc/ipsec.conf --nofo'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> 110 DBG(DBG_XAUTH, {
> #0 0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> #1 0x00007f8cdb4f39d6 in childhandler_cb (unused=17, event=8, arg=0x0) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:909
> #2 0x00007f8cd9454a05 in event_signal_closure (base=<optimized out>,
> base=<optimized out>, ev=0x7f8cd239bf70) at event.c:1064
> #3 event_process_active_single_queue (activeq=0x7f8cd3841ff0,
> base=0x7f8cd383bd80) at event.c:1342
> #4 event_process_active (base=<optimized out>) at event.c:1420
> #5 event_base_loop (base=0x7f8cd383bd80, flags=0) at event.c:1621
> #6 0x00007f8cdb4f3f01 in call_server () at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:1074
> #7 0x00007f8cdb4f0211 in main (argc=5, argv=0x7fff61b7cd68) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/plutomain.c:1747
> mv: failed to preserve ownership for ‘OUTPUT/core.east.pluto.2260’:
> Operation not permitted
> east #
> if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
>
>
> earliest I noticed
> https://swantest.libreswan.fi/results/blackswan/2017-12-08-swantest-3.22-412-g696a3b5f4-master/xauth-pluto-20-pam-timeout/OUTPUT/east.console.verbose.txt
>
> -antony
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev
mailing list