Segfault with "net ads password"

James Willard james at whispering.org
Fri Nov 1 23:05:24 GMT 2002


Andrew,
 
It seems like you're right about the null pointer. Given the code block
you mentioned, I rebuilt with --enable-krb5developer and ran gdb over it
again with a breakpoint at net_ads_password() and displaying ads,
ads->auth, and ads->auth.kdc_server. The following is the output from
gdb at the line just before line 885 where kerberos_set_password() is
called:
 
3: ads->auth = {realm = 0x0, password = 0x0, user_name = 0x0, kdc_server = 0x0, flags = 0, time_offset = 0}
2: ads->auth.kdc_server = 0x0
1: ads = (ADS_STRUCT *) 0x81af8e0

And of course, the call itself... null values and all...
(usernames/passwords substituted)
 
(gdb) 
kerberos_set_password (kpasswd_server=0x0, auth_principal=0x815c560 Admin at DOMAIN.COM,
    auth_password=0x815c57c "Adminpass", target_principal=0xbffffbe5 User at DOMAIN.COM,
    new_password=0x81535a0 "User", time_offset=0) at libads/krb5_setpw.c:470
470         return krb5_set_password(kpasswd_server, target_principal, new_password, time_offset);

Ok, this officially goes beyond my abilities... who maintains the "net
ads" portion of Samba that could help me look into this further?
 
Thanks,
 
James Willard
james at whispering.org
 

-----Original Message-----
From: Esh, Andrew [mailto:AEsh at tricord.com] 
Sent: Friday, November 01, 2002 4:54 PM
To: 'James Willard'; samba-technical at samba.org
Subject: RE: Segfault with "net ads password"
Importance: High



Looks like this bit of code is failing: 

utils/net_ads.c, lines 877-886, function "net_ads_password" 

    /* use the realm so we can eventually change passwords for users 
    in realms other than default */ 
    if (!(ads = ads_init(realm, NULL, NULL))) return -1; 

    asprintf(&prompt, "Enter new password for %s:", argv[0]); 

    new_password = getpass(prompt); 

    ret = kerberos_set_password(ads->auth.kdc_server, auth_principal,
                                auth_password, argv[0], new_password,
                                ads->auth.time_offset);

The last line is reached with "ads->auth.kdc_server" as a bad (null?)
pointer.  The "ads_init" function creates the ads structure and zeroes
it. It doesn't appear to me as though "ads_init" initializes ads->auth,
and I don't see where else it gets set.

-----Original Message----- 
From: James Willard [mailto:james at whispering.org] 
Sent: Friday, November 01, 2002 2:23 PM 
To: samba-technical at samba.org 
Subject: RE: Segfault with "net ads password" 


And as a follow-up to myself... The following is a backtrace from gdb: 

Program received signal SIGSEGV, Segmentation fault. 
0x080ec329 in interpret_addr () 
(gdb) bt 
#0  0x080ec329 in interpret_addr () 
#1  0x080ec462 in interpret_addr2 () 
#2  0x080efbe0 in open_udp_socket () 
#3  0x0810f56c in krb5_set_password () 
#4  0x0810fdbf in kerberos_set_password () 
#5  0x0806b17c in net_ads_password () 
#6  0x08068690 in net_run_function () 
#7  0x0806b51c in net_ads () 
#8  0x08068690 in net_run_function () 
#9  0x080697d3 in main () 
#10 0x42017589 in __libc_start_main () from /lib/i686/libc.so.6 

Thanks, 

James Willard 
james at whispering.org 

-----Original Message----- 
From: samba-technical-admin at lists.samba.org 
[mailto:samba-technical-admin at lists.samba.org] On Behalf Of James 
Willard 
Sent: Friday, November 01, 2002 2:12 PM 
To: samba-technical at samba.org 
Subject: Segfault with "net ads password" 


Hi, 

I'm trying to troubleshoot a problem I've been having for the past
several weeks with "net ads password" attempting to change a user's
password. I'm using the Samba 3.0 CVS tree updated this morning (even
though there has been no difference in behavior in the past month or
so). I'm running:

net ads password UserName at DOMAIN.COM -U Admin at REALM.COM%Password 

I receive a prompt: 

Enter new password for UserName at DOMAIN.COM: 

I enter a password and then it segfaults. Below are excerpts from a 
strace: 

... 
write(3, "kadmin", 6)                   = 6 
write(3, "\0\0\0\10", 4)                = 4 
write(3, "changepw", 8)                 = 8 
... 
write(3, "\0\0\0\0", 4)                 = 4 
write(3, NULL, 0)                       = 0 
fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
close(3)                                = 0
time(NULL)                              = 1036176903
gettimeofday({1036176903, 994633}, NULL) = 0
gettimeofday({1036176903, 995109}, NULL) = 0
--- SIGSEGV (Segmentation fault) --- 
+++ killed by SIGSEGV +++ 

The operating system is RedHat Linux 7.3 on a PIII with krb5-1.2.5 and 
openldap-2.1.4 

What other information would be useful in tracking down this bug? 

Thanks, 

James Willard 
james at whispering.org 
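
Added example (not part of this thread and not Samba code): a reduced C model of the failure discussed above, where a zeroed structure leaves kdc_server NULL and the pointer reaches an address resolver that dereferences it. The struct layout, function names and status codes are hypothetical stand-ins; the guard shows one way to fail with an error instead of a SIGSEGV, not the fix Samba adopted.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for the fields gdb printed; not Samba's real ADS_STRUCT. */
struct ads_auth { char *realm, *password, *user_name, *kdc_server; unsigned flags; int time_offset; };
struct ads_model { struct ads_auth auth; };

enum setpw_status { SETPW_OK = 0, SETPW_NO_ADS = -1, SETPW_NO_KDC = -2, SETPW_BAD_ARG = -3 };

/* Like the ads_init() described in the thread: allocate and zero, nothing else. */
static struct ads_model *model_ads_init(void)
{
    return calloc(1, sizeof(struct ads_model));
}

/* Stand-in for the resolver at the bottom of the backtrace: it reads the
 * host string, so a NULL argument would fault here. */
static size_t model_interpret_addr(const char *host)
{
    return strlen(host);
}

/* Hypothetical guarded caller: every pointer is checked before it can reach
 * the resolver, so an unset KDC becomes an error code, not a crash. */
static enum setpw_status checked_set_password(const struct ads_model *ads,
                                              const char *target,
                                              const char *new_password)
{
    if (ads == NULL)
        return SETPW_NO_ADS;
    if (target == NULL || new_password == NULL)
        return SETPW_BAD_ARG;
    if (ads->auth.kdc_server == NULL || ads->auth.kdc_server[0] == '\0') {
        fprintf(stderr, "no kpasswd/KDC server set for this connection\n");
        return SETPW_NO_KDC;
    }
    return model_interpret_addr(ads->auth.kdc_server) > 0 ? SETPW_OK : SETPW_NO_KDC;
}

int main(void)
{
    struct ads_model *ads = model_ads_init();   /* auth.* all NULL, as in the gdb output */
    int rc = checked_set_password(ads, "User", "constructed-password");
    printf("zeroed struct -> status %d\n", rc);
    free(ads);
    return rc == SETPW_NO_KDC ? 0 : 1;
}
```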
