Memory corruption issue when samba4 is the target of a net vampire command

Andrew Bartlett abartlet at
Wed Oct 27 01:58:33 MDT 2010

On Wed, 2010-10-27 at 18:52 +1100, Andrew Bartlett wrote:
> On Tue, 2010-10-26 at 17:23 +0200, Angelos Oikonomopoulos wrote:
> > Hello all,
> > 
> > I've been playing around with Samba 4 from git master (specifically 
> > 5785f08268bac332d09bdf71d1907ecb54f3b5bd from last Thursday). It seems 
> > to work well so far, but I've run into a bug when trying to add a second 
> > samba4 server as an additional DC, following the instructions in 
> >
> > 
> > Specifically, the net vampire command described in that page crashes the 
> > existing DC pretty reliably. I've tried looking into it today but I 
> > think I'll need some help to track down the root cause (and produce a fix).
> If this is reproducible, then put printf() statements in near every
> questionable variable.  valgrind will then complain when you print
> invalid things, now that it knows you expected it to be valid NOW,
> rather than later. 
> I don't see from what you have sent why the task would not be valid.  It
> is passed in to the socket code at the top level, and ends up being
> passed to the accept handler. 

Also, liberal addition of talloc_get_type_abort() is often a quick way
to assert that pointers are current, valid memory. 

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list