[Swan-dev] core dump since a week in xauth-pluto-20-pam-timeout

Andrew Cagney andrew.cagney at gmail.com
Sat Dec 16 23:25:31 UTC 2017 

I'd suspect a use after free - *xauth would contain gibberish.
It looks like xauth_pam_abort() is freeing the object instead of
leaving it to xauth_pam_child_cleanup().

On 16 December 2017 at 13:14, Antony Antony <antony at phenome.org> wrote:
> Hi
>
> I noticed a coredump in xauth-pluto-20-pam-timeout since week or so.
> I think it is related to a recent fixes to  xauth pam stuff around Dec 5th
> or so.
>
> It is happening when shutting down the host, after the test case.
>
>  ../bin/check-for-core.sh
> CORE FOUND: /tmp/core.east.pluto.2260
> [New LWP 2260]
> [New LWP 2265]
> [New LWP 2266]
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> Core was generated by `PATH/libexec/ipsec/pluto --leak-detective --config
> /etc/ipsec.conf --nofo'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> 110             DBG(DBG_XAUTH, {
> #0  0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> #1  0x00007f8cdb4f39d6 in childhandler_cb (unused=17, event=8, arg=0x0) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:909
> #2  0x00007f8cd9454a05 in event_signal_closure (base=<optimized out>,
> base=<optimized out>, ev=0x7f8cd239bf70) at event.c:1064
> #3  event_process_active_single_queue (activeq=0x7f8cd3841ff0,
> base=0x7f8cd383bd80) at event.c:1342
> #4  event_process_active (base=<optimized out>) at event.c:1420
> #5  event_base_loop (base=0x7f8cd383bd80, flags=0) at event.c:1621
> #6  0x00007f8cdb4f3f01 in call_server () at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:1074
> #7  0x00007f8cdb4f0211 in main (argc=5, argv=0x7fff61b7cd68) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/plutomain.c:1747
> mv: failed to preserve ownership for ‘OUTPUT/core.east.pluto.2260’:
> Operation not permitted
>  east #
>   if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
>
>
> earliest I noticed
> https://swantest.libreswan.fi/results/blackswan/2017-12-08-swantest-3.22-412-g696a3b5f4-master/xauth-pluto-20-pam-timeout/OUTPUT/east.console.verbose.txt
>
> -antony
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev

More information about the Swan-dev mailing list