Bug#679343: Fwd: [rt.cpan.org #84888] Segfaults when adding or deleting tainted values
Xavier
x.guimard at free.fr
Sun May 19 10:37:28 UTC 2013
-------- Message original --------
Subject: [rt.cpan.org #84888] Segfaults when adding or deleting tainted
values
Date : Sun, 19 May 2013 05:36:31 -0400
>From : Peter Marschall via RT <bug-perl-ldap at rt.cpan.org>
Reply to : bug-perl-ldap at rt.cpan.org
To : x.guimard at free.fr
Copy to : waoki at umnh.utah.edu
<URL: https://rt.cpan.org/Ticket/Display.html?id=84888 >
Hi,
On Mon May 13 17:52:41 2013, waoki at umnh.utah.edu wrote:
> When I modify it to use Authen::SASL so that I can authenticate using
> GSSAPI, it crashes with a sgementation fault. If I set things up so
> that
> I can authenticate to the server without GSSAPI, it does not crash.
you got me interested ;-)
So I built a Kerberos installation and rewrote the script:
------- BEGIN EXAMPLE -------
#!/usr/bin/perl -w -T
use Net::LDAP;
use Authen::SASL qw(Cyrus); # CHECK A: switch
between Perl & Cyrus
use Net::LDAP::Entry;
die("Usage $0 <carLicense>\n") unless @ARGV;
my $ldap = Net::LDAP->new('ldap://SERVER.DOMAIN') or die($@);
my $sh = Authen::SASL->new(mechanism => 'GSSAPI') or die "Can't get SASL
handle\n";
#$sh = $sh->client_new('ldap', 'SERVER.DOMAIN'); # CHECK
B: (un)comment this line
my $mesg = $ldap->bind('cn=MANAGER,DC=ADPM,DC=DE', sasl => $sh);
die "LDAP bind failed: ".$mesg->error.' ('.$mesg->code.')' if $mesg->code;
my $entry = Net::LDAP::Entry->new('cn=TEST-USER,DC=ADPM,DC=DE');
$entry->changetype('modify');
$entry->add(carLicense => $ARGV[0]);
$mesg = $entry->update($ldap);
print "Sorry, sgmentation fault cannot be reproduced\n";
die "LDAP modify failed: ".$mesg->error.' ('.$mesg->code.')' if
$mesg->code;
------- END EXAMPLE -------
Using this updated script I tried to reproduce the segfault, again using
perl-ldap 0.55 on Perl v5.14.2.
In no case of my tests I was able to reproduce a semgentation fault.
But there were different outcomes depending on the different
combinations of the checks
named CHECK A & CHECK B above:
* when using 'qw(Perl)' in CHECK A, the script ran successfuly independent
whether client_new() was called in CHECK B or nor
* when using 'qw(Cyrus)' in CHECK A, and called client_new() in the
script, then
the script finished without problems too.
* only when 'qw(Cyrus)' in CHECK A and not calling client_new() in the
script,
[i.e. in exact the configuration as shown above], the script died in
line 12
with the message
"LDAP bind failed: generic failure (82) at ./crashit.pl line 12,
<DATA> line 747."
But it did not segfault.
I guess the root cause here is that Authen::SASL::Cyrus cannot deal with
an IP address
as SASL host.
The workaround here is to call client_new yourself.
This is documented in the bind section of the Net::LDAP man page.
Can you please test this updated script with all the 4 cases of CHECK A
& B and
report the individual results?
Best
Peter
More information about the pkg-perl-maintainers
mailing list