[Samba] Segmentation Fault when trying to set root samba password, IPA as a backend

Rowland penny rpenny at samba.org
Fri Mar 4 16:16:44 UTC 2016


On 04/03/16 09:58, Volker Lendecke wrote:
> On Fri, Mar 04, 2016 at 10:53:17AM +0100, Volker Lendecke wrote:
>> On Wed, Mar 02, 2016 at 09:23:34AM +0000, Rowland penny wrote:
>>> OK, here is the output:
>> Can you try the attached (UNTESTED!) patch?
>>
>> Thanks,
> Gna, should have at least compiled it....
>
> New patch :-)
>
> Volker
>

Sorry Volker, it didn't work :-(

It still segfaults and valgrind now shows more errors, see attached files

Rowland

-------------- next part --------------
smbpasswd -a ldap03
New SMB password:
Retype new SMB password:
Added user ldap03.
Segmentation fault
root at testpdc:/usr/src/samba/samba-master# gdb smbpasswd
GNU gdb (Debian 7.7.1+dfsg-5) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from smbpasswd...done.
(gdb) run -a ldap04
Starting program: /usr/local/samba/bin/smbpasswd -a ldap04
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/i686/cmov/libthread_db.so.1".
New SMB password:
Retype new SMB password:
Added user ldap04.

Program received signal SIGSEGV, Segmentation fault.
0xb7137578 in ldap_mods_free () from /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2
(gdb) bt
#0  0xb7137578 in ldap_mods_free ()
   from /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2
#1  0xb70d7a14 in ldapmod_destructor (mod=0x80028280)
    at ../source3/lib/smbldap.c:266
#2  0xb7da7b54 in _talloc_free_internal (ptr=0x80028280, 
    location=0x800060b8 "../source3/utils/smbpasswd.c:631")
    at ../lib/talloc/talloc.c:1046
#3  0xb7da8930 in _talloc_free_children_internal (tc=0x8001e858, 
    ptr=0x8001e888, location=0x800060b8 "../source3/utils/smbpasswd.c:631")
    at ../lib/talloc/talloc.c:1525
#4  0xb7da7cb3 in _talloc_free_internal (ptr=0x8001e888, 
    location=0x800060b8 "../source3/utils/smbpasswd.c:631")
    at ../lib/talloc/talloc.c:1072
#5  0xb7da8c9d in _talloc_free (ptr=0x8001e888, 
    location=0x800060b8 "../source3/utils/smbpasswd.c:631")
    at ../lib/talloc/talloc.c:1647
#6  0x800041de in main (argc=3, argv=0xbffffcf4)
    at ../source3/utils/smbpasswd.c:631
(gdb) quit
A debugging session is active.

	Inferior 1 [process 28613] will be killed.

Quit anyway? (y or n) y



-------------- next part --------------
valgrind smbpasswd -a ldap05
==28624== Memcheck, a memory error detector
==28624== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==28624== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==28624== Command: smbpasswd -a ldap05
==28624== 
New SMB password:
Retype new SMB password:
==28626== 
==28626== HEAP SUMMARY:
==28626==     in use at exit: 180,041 bytes in 987 blocks
==28626==   total heap usage: 5,737 allocs, 4,750 frees, 1,643,712 bytes allocated
==28626== 
==28626== LEAK SUMMARY:
==28626==    definitely lost: 0 bytes in 0 blocks
==28626==    indirectly lost: 0 bytes in 0 blocks
==28626==      possibly lost: 38,178 bytes in 139 blocks
==28626==    still reachable: 141,863 bytes in 848 blocks
==28626==         suppressed: 0 bytes in 0 blocks
==28626== Rerun with --leak-check=full to see details of leaked memory
==28626== 
==28626== For counts of detected and suppressed errors, rerun with: -v
==28626== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Added user ldap05.
==28624== Invalid read of size 4
==28624==    at 0x56B452A: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20dd0 is 0 bytes inside a block of size 16 free'd
==28624==    at 0x482C2D4: realloc (vg_replace_malloc.c:692)
==28624==    by 0x48777F7: realloc_array (util.c:754)
==28624==    by 0x5731BE1: smbldap_set_mod_internal (smbldap.c:325)
==28624==    by 0x5732166: smbldap_set_mod (smbldap.c:392)
==28624==    by 0x4AA410F: ldapsam_create_user (pdb_ldap.c:5305)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 1
==28624==    at 0x56B4578: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20668 is 0 bytes inside a block of size 12 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B456E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x56B457B: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20670 is 8 bytes inside a block of size 12 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B456E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x568F88E: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f206e0 is 0 bytes inside a block of size 8 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8C0: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid free() / delete / delete[] / realloc()
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8AC: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20790 is 0 bytes inside a block of size 7 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8AC: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x568F8AD: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f206e4 is 4 bytes inside a block of size 8 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8C0: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid free() / delete / delete[] / realloc()
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8C0: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f206e0 is 0 bytes inside a block of size 8 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x568F8C0: ber_memvfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B458E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x56B4548: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20dd0 is 0 bytes inside a block of size 16 free'd
==28624==    at 0x482C2D4: realloc (vg_replace_malloc.c:692)
==28624==    by 0x48777F7: realloc_array (util.c:754)
==28624==    by 0x5731BE1: smbldap_set_mod_internal (smbldap.c:325)
==28624==    by 0x5732166: smbldap_set_mod (smbldap.c:392)
==28624==    by 0x4AA410F: ldapsam_create_user (pdb_ldap.c:5305)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x56B454A: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f2066c is 4 bytes inside a block of size 12 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B456E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid free() / delete / delete[] / realloc()
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B455B: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f206a8 is 0 bytes inside a block of size 4 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B455B: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x56B455C: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20dd0 is 0 bytes inside a block of size 16 free'd
==28624==    at 0x482C2D4: realloc (vg_replace_malloc.c:692)
==28624==    by 0x48777F7: realloc_array (util.c:754)
==28624==    by 0x5731BE1: smbldap_set_mod_internal (smbldap.c:325)
==28624==    by 0x5732166: smbldap_set_mod (smbldap.c:392)
==28624==    by 0x4AA410F: ldapsam_create_user (pdb_ldap.c:5305)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid free() / delete / delete[] / realloc()
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B456E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20668 is 0 bytes inside a block of size 12 free'd
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B456E: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x4AA46F2: ldapsam_create_user (pdb_ldap.c:5393)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid read of size 4
==28624==    at 0x56B456F: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20dd4 is 4 bytes inside a block of size 16 free'd
==28624==    at 0x482C2D4: realloc (vg_replace_malloc.c:692)
==28624==    by 0x48777F7: realloc_array (util.c:754)
==28624==    by 0x5731BE1: smbldap_set_mod_internal (smbldap.c:325)
==28624==    by 0x5732166: smbldap_set_mod (smbldap.c:392)
==28624==    by 0x4AA410F: ldapsam_create_user (pdb_ldap.c:5305)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== Invalid free() / delete / delete[] / realloc()
==28624==    at 0x482B3A8: free (vg_replace_malloc.c:473)
==28624==    by 0x568F820: ber_memfree_x (in /usr/lib/i386-linux-gnu/liblber-2.4.so.2.10.3)
==28624==    by 0x56B45AA: ldap_mods_free (in /usr/lib/i386-linux-gnu/libldap_r-2.4.so.2.10.3)
==28624==    by 0x5731A13: ldapmod_destructor (smbldap.c:266)
==28624==    by 0x4A64B53: _talloc_free_internal (talloc.c:1046)
==28624==    by 0x4A6592F: _talloc_free_children_internal (talloc.c:1525)
==28624==    by 0x4A64CB2: _talloc_free_internal (talloc.c:1072)
==28624==    by 0x4A65C9C: _talloc_free (talloc.c:1647)
==28624==    by 0x10C1DD: main (smbpasswd.c:631)
==28624==  Address 0x5f20dd0 is 0 bytes inside a block of size 16 free'd
==28624==    at 0x482C2D4: realloc (vg_replace_malloc.c:692)
==28624==    by 0x48777F7: realloc_array (util.c:754)
==28624==    by 0x5731BE1: smbldap_set_mod_internal (smbldap.c:325)
==28624==    by 0x5732166: smbldap_set_mod (smbldap.c:392)
==28624==    by 0x4AA410F: ldapsam_create_user (pdb_ldap.c:5305)
==28624==    by 0x4AC046E: pdb_create_user (pdb_interface.c:542)
==28624==    by 0x4AB1401: local_password_change (passdb.c:745)
==28624==    by 0x10B4AB: password_change (smbpasswd.c:264)
==28624==    by 0x10BC87: process_root (smbpasswd.c:466)
==28624==    by 0x10C1AC: main (smbpasswd.c:627)
==28624== 
==28624== 
==28624== HEAP SUMMARY:
==28624==     in use at exit: 179,431 bytes in 953 blocks
==28624==   total heap usage: 6,467 allocs, 5,527 frees, 2,271,504 bytes allocated
==28624== 
==28624== LEAK SUMMARY:
==28624==    definitely lost: 308 bytes in 1 blocks
==28624==    indirectly lost: 1,601 bytes in 19 blocks
==28624==      possibly lost: 35,708 bytes in 109 blocks
==28624==    still reachable: 141,814 bytes in 824 blocks
==28624==         suppressed: 0 bytes in 0 blocks
==28624== Rerun with --leak-check=full to see details of leaked memory
==28624== 
==28624== For counts of detected and suppressed errors, rerun with: -v
==28624== ERROR SUMMARY: 38 errors from 14 contexts (suppressed: 0 from 0)
root at testpdc:/usr/src/samba/samba-master# 



More information about the samba mailing list