Re: BUG #3902: Segmentation faults using GSSAPI authentication - Mailing list pgsql-bugs

From: Tom Lane
Subject: Re: BUG #3902: Segmentation faults using GSSAPI authentication
Msg-id: 2096.1201666659@sss.pgh.pa.us
In response to: Re: BUG #3902: Segmentation faults using GSSAPI authentication ("Peter Koczan" <pjkoczan@gmail.com>)
Responses: Re: BUG #3902: Segmentation faults using GSSAPI authentication
List: pgsql-bugs
"Peter Koczan" <pjkoczan@gmail.com> writes:
> Program received signal SIGSEGV, Segmentation fault.
> 0x0056bfde in getenv () from /lib/libc.so.6
> (gdb) bt
> #0  0x0056bfde in getenv () from /lib/libc.so.6
> #1  0x005c1490 in tzset_internal () from /lib/libc.so.6
> #2  0x005c1fad in tzset () from /lib/libc.so.6
> #3  0x005c6726 in strftime_l () from /lib/libc.so.6
> #4  0x0060b67f in __vsyslog_chk () from /lib/libc.so.6
> #5  0x0060bbaa in syslog () from /lib/libc.so.6
> #6  0x0830e3f9 in write_syslog ()
> #7  0x0830f7a8 in send_message_to_server_log ()
> #8  0x0830daf4 in EmitErrorReport ()
> #9  0x082450bd in PostgresMain ()
> #10 0x08210b9e in BackendRun ()
> #11 0x08210174 in BackendStartup ()
> #12 0x0820dc53 in ServerLoop ()
> #13 0x0820d631 in PostmasterMain ()
> #14 0x081b2ee7 in main ()

Hmm, crash inside getenv??  That's weird, that suggests something has
clobbered the environment-strings data structure.

[ pokes around in code... ]  And behold, here's a smoking gun:
pg_GSS_recvauth() is doing a putenv() with a string that it got from
palloc().  The active context at this point is PostmasterContext,
which *is* going to go away soon, leaving a gaping hole in the environ
list.

I still couldn't reproduce a crash with that knowledge, but I bet that
if you apply the attached patch, things will get better.

            regards, tom lane

Index: src/backend/libpq/auth.c
===================================================================
RCS file: /cvsroot/pgsql/src/backend/libpq/auth.c,v
retrieving revision 1.162
diff -c -r1.162 auth.c
*** auth.c    1 Jan 2008 19:45:49 -0000    1.162
--- auth.c    30 Jan 2008 04:07:42 -0000
***************
*** 384,390 ****
                  min_stat,
                  lmin_s,
                  gflags;
-     char       *kt_path;
      int            mtype;
      int            ret;
      StringInfoData buf;
--- 384,389 ----
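Review bot: Dropping the function-scope `char *kt_path;` is the right companion to the block-scope declaration in the next hunk; the narrower scope means no code later in pg_GSS_recvauth() can reuse the pointer after putenv() has taken ownership of it. Nothing else in the visible context refers to kt_path, so no further change is needed here.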
***************
*** 398,408 ****
           * setenv("KRB5_KTNAME", pg_krb_server_keyfile, 0); except setenv()
           * not always available.
           */
!         if (!getenv("KRB5_KTNAME"))
          {
!             kt_path = palloc(MAXPGPATH + 13);
!             snprintf(kt_path, MAXPGPATH + 13,
!                      "KRB5_KTNAME=%s", pg_krb_server_keyfile);
              putenv(kt_path);
          }
      }
--- 397,415 ----
           * setenv("KRB5_KTNAME", pg_krb_server_keyfile, 0); except setenv()
           * not always available.
           */
!         if (getenv("KRB5_KTNAME") == NULL)
          {
!             size_t    kt_len = strlen(pg_krb_server_keyfile) + 14;
!             char   *kt_path = malloc(kt_len);
!
!             if (!kt_path)
!             {
!                 ereport(LOG,
!                         (errcode(ERRCODE_OUT_OF_MEMORY),
!                          errmsg("out of memory")));
!                 return STATUS_ERROR;
!             }
!             snprintf(kt_path, kt_len, "KRB5_KTNAME=%s", pg_krb_server_keyfile);
              putenv(kt_path);
          }
      }
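Review bot: The malloc()'d kt_path is handed to putenv(), which keeps the pointer rather than copying the string, so this block needs a comment stating that the buffer is deliberately never freed; without it, a later cleanup pass could free() it and reintroduce exactly the dangling-environ crash this patch fixes (the palloc() version failed the same way once PostmasterContext was reset). Two smaller points: `strlen(pg_krb_server_keyfile) + 14` is correct (12 bytes for "KRB5_KTNAME=" plus the NUL leaves one byte of slack) but would read more clearly as `strlen("KRB5_KTNAME=") + strlen(pg_krb_server_keyfile) + 1`; and the exact sizing is itself an improvement, since the old `MAXPGPATH + 13` buffer silently truncated any keyfile path longer than MAXPGPATH. The `return STATUS_ERROR` on allocation failure is fine provided the caller treats it as an authentication failure, which cannot be confirmed from the visible lines.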

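An added example in C (not PostgreSQL code, and not from this thread) showing the ownership rule behind the diagnosis above: putenv() keeps the pointer it is given, so the string must live in storage that outlives every later getenv(), which is what the patch's switch from palloc() to malloc() provides. The function names, the DEMO_PTR_CHECK variable and the keytab path are constructed for this example, which assumes POSIX/glibc putenv() semantics.

```c
#define _DEFAULT_SOURCE 1   /* expose putenv() in glibc's headers */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same logic as the patched block in pg_GSS_recvauth(): export NAME=VALUE only
 * when NAME is unset, in malloc()'d storage that is intentionally never freed.
 * Returns 0 on success, -1 on failure. (Hypothetical name, not PostgreSQL's.) */
static int
putenv_if_unset(const char *name, const char *value)
{
    if (getenv(name) != NULL)
        return 0;                                   /* keep the operator's value */

    size_t len = strlen(name) + 1 + strlen(value) + 1;  /* NAME '=' VALUE NUL, exact */
    char  *entry = malloc(len);                     /* not palloc(): outlives context resets */
    if (entry == NULL)
        return -1;
    snprintf(entry, len, "%s=%s", name, value);
    /* putenv() links 'entry' into environ; free()ing it later leaves a dangling pointer. */
    return putenv(entry) == 0 ? 0 : -1;
}

/* Why that matters: putenv() stores the caller's pointer, not a copy, so a
 * change to the buffer after putenv() is visible through getenv().
 * Returns 1 if the change is observed, 0 otherwise. */
static int
putenv_keeps_pointer(void)
{
    static char entry[] = "DEMO_PTR_CHECK=aaa";     /* static: lives for the whole process */
    if (putenv(entry) != 0)
        return 0;
    entry[sizeof(entry) - 2] = 'Z';                 /* overwrite last character in place */
    const char *seen = getenv("DEMO_PTR_CHECK");
    return seen != NULL && strcmp(seen, "aaZ") == 0;
}

int
main(void)
{
    putenv_if_unset("KRB5_KTNAME", "/etc/demo.keytab");   /* constructed path */
    printf("KRB5_KTNAME=%s\n", getenv("KRB5_KTNAME"));
    printf("putenv keeps pointer: %d\n", putenv_keeps_pointer());
    return 0;
}
```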