[Samba] Bug in Samba4 causing crash
Robin McCorkell
xenopathic at gmail.com
Fri Jun 7 08:18:56 MDT 2013
I have discovered a bug in the LDAP implementation in Samba4. Although I
cannot describe the problem very well, I can dump the error and the steps
to achieve it and hope you understand what I mean:
Running Mozilla Thunderbird connected to Samba4 LDAP (using an anonymous
bind, if it matters) it is possible to search for entries. Searching for
nothing, for example 'Email contains ', results in Samba4 crashing with the
following error message:
[2013/06/07 14:38:52, 0] ../lib/util/fault.c:72(fault_report)
===============================================================
[2013/06/07 14:38:52, 0] ../lib/util/fault.c:73(fault_report)
INTERNAL ERROR: Signal 11 in pid 10406 (4.0.6)
Please read the Trouble-Shooting section of the Samba HOWTO
[2013/06/07 14:38:52, 0] ../lib/util/fault.c:75(fault_report)
===============================================================
[2013/06/07 14:38:52, 0] ../lib/util/fault.c:144(smb_panic_default)
PANIC: internal error
I ran Wireshark at the same time as running this query. The filter appeared
to be:
(&(&(mail=*)(displayName=*))(mail=[NULL]))
But not trusting how Wireshark displays it, this is the relevant hex dump:
a0 21 a0 13 87 04
6d 61 69 6c 87 0b
64 69 73 70 6c 61 79 4e 61 6d 65 a0 0a a4 08 04 04
6d 61 69 6c 30 00
Split into sections, in text it looks like this (with unprintable
characters replaced with . ):
.!....
mail..
displayName......
mail0.
After the crash the server is rendered unusable - further LDAP queries do
not work, authentication doesn't work etc.
Rob
PS. To ask for more debug information, please CC the email to me as I'm not
currently subscribed to the list.
More information about the samba
mailing list