bug in debug.c

Kai Krueger kai at kruegernetz.de
Sat Aug 31 13:00:00 GMT 2002


There seems to be a bug in debug.c. It causes samba to crash with SIGSEGV on
startup if an unknown debug class is specified in smb.conf.
The problem is in debug_parse_params(). This function gets a pointer to the
debug classes as a parameter instead of using the global DEBUGLEVEL_CLASS
arrays. In most cases this doesn't make a difference, but if the arrays
change while still in the function it causes a segmentation fault. Now this
is exactly what happens if you specify an unknown debug class.
debug_parse_params() looks for the debug class with
debug_lookup_classname(). If debug_lookup_classname() doesn't find the class
and debug_auto_add_unknown_class is true, the debug class is added. This
causes the DEBUGLEVEL_CLASS to be reallocated and the next time
debug_parse_params() tries to access it with its local pointer (still pointing
to the old DEBUGLEVEL_CLASS) it crashes as it accesses it out of bounds.

What is the best solution to this problem? Can debug_parse_params() just use
the global version?
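
The pattern described in this message, as an added example that is not part of the original post and is not Samba's code: a parser that keeps only an index across a lookup that may reallocate the table, and reads the global again afterwards. The names `struct dbg_class`, `classes`, `add_class`, `parse_params` and the `class:level` input format are assumptions for illustration; `lookup_classname` is modelled on the function named in the post.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the global table the post calls DEBUGLEVEL_CLASS. */
struct dbg_class { char name[32]; int level; };
static struct dbg_class *classes;
static int num_classes;

/* Grow by one; allocating before freeing guarantees the table moves. */
static int add_class(const char *name) {
    if (strlen(name) >= sizeof classes->name) return -1;
    struct dbg_class *grown = calloc((size_t)num_classes + 1, sizeof *grown);
    if (!grown) return -1;
    if (num_classes) memcpy(grown, classes, num_classes * sizeof *grown);
    strcpy(grown[num_classes].name, name);
    free(classes);
    classes = grown;
    return num_classes++;
}

/* Lookup that auto-adds unknown classes, the behaviour the post describes. */
static int lookup_classname(const char *name) {
    for (int i = 0; i < num_classes; i++)
        if (strcmp(classes[i].name, name) == 0) return i;
    return add_class(name);
}

/* Parse "class:level" entries; returns how many lookups moved the table. */
static int parse_params(const char **params, int n) {
    int moved = 0;
    for (int i = 0; i < n; i++) {
        const char *colon = strchr(params[i], ':');
        char name[32] = {0};
        if (!colon || (size_t)(colon - params[i]) >= sizeof name) continue;
        memcpy(name, params[i], (size_t)(colon - params[i]));
        uintptr_t before = (uintptr_t)classes;  /* address only, never dereferenced */
        int idx = lookup_classname(name);       /* may replace the table */
        if (idx < 0 || idx >= num_classes) continue;
        moved += ((uintptr_t)classes != before);
        classes[idx].level = atoi(colon + 1);   /* index into the current table */
    }
    return moved;
}

int main(void) {
    const char *params[] = { "all:1", "custom:7" };  /* constructed input */
    return parse_params(params, 2) == 2 ? 0 : 1;
}
```

Every lookup counted in the return value is one where a pointer saved before the loop would no longer refer to the live table.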

