Bug#898448: Makes vinagre segfault on authentication failure

Josh Triplett josh at joshtriplett.org
Mon May 14 18:43:42 BST 2018 

On Mon, May 14, 2018 at 01:49:57PM +0000, Mike Gabriel wrote:
> HI Josh,
> 
> On  Fr 11 Mai 2018 21:02:04 CEST, Josh Triplett wrote:
> 
> > Package: libfreerdp2-2
> > Version: 2.0.0~git20180411.1.7a7b1802+dfsg1-1
> > Severity: important
> > 
> > After upgrading libfreerdp2-2, authentication failures (mistyped
> > password) started causing segfaults:
> > 
> > May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080]
> > [9277:9277] [ERROR][com.freerdp.core] - freerdp_set_last_error
> > ERRCONNECT_LOGON_FAILURE [0x00020014]
> > May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080]
> > [9277:9277] [ERROR][com.freerdp.core.rdp] - rdp_recv_callback:
> > CONNECTION_STATE_NLA - nla_recv_pdu() fail
> > May 11 11:41:29 jtriplet-mobl2 vinagre.desktop[9277]: [11:41:29:080]
> > [9277:9277] [ERROR][com.freerdp.core.transport] - transport_check_fds:
> > transport->ReceiveCallback() - -1
> > May 11 11:41:29 jtriplet-mobl2 kernel: vinagre[9277]: segfault at 9 ip
> > 00007fbc84bf6ab0 sp 00007ffc05377a40 error 4 in
> > libfreerdp2.so.2.0.0[7fbc84b1c000+137000]
> > 
> 
> I contacted one of the upstream authors on this.
> 
> Can you provide a gdb backtrace ("bt full") to get some more insight what
> happens to vinagre?

Sure. I can easily reproduce this, just by entering an incorrect
username and password.

Thread 1 "vinagre" received signal SIGSEGV, Segmentation fault.
clear_context_free (clear=0x1) at ./libfreerdp/codec/clear.c:1216
1216	./libfreerdp/codec/clear.c: No such file or directory.
(gdb) bt full
#0  0x00007ffff528bab0 in clear_context_free (clear=0x1) at ./libfreerdp/codec/clear.c:1216
        clear = 0x1
#1  0x00007ffff522a9cd in codecs_free (codecs=0x555555dd62b0) at ./libfreerdp/core/codecs.c:213
#2  0x00007ffff5224c77 in freerdp_disconnect (instance=0x555555d14d00) at ./libfreerdp/core/freerdp.c:508
        rc = 1
        rdp = <optimized out>
#3  0x0000555555584769 in vinagre_rdp_tab_dispose (object=0x555555cfe920) at plugins/rdp/vinagre-rdp-tab.c:182
        rdp_tab = 0x555555cfe920
        priv = 0x555555cfe730
#4  0x00007ffff5be1e03 in g_object_unref () at /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#5  0x00007ffff6b5da39 in gtk_container_remove () at /usr/lib/x86_64-linux-gnu/libgtk-3.so.0
#6  0x0000555555570748 in vinagre_notebook_close_tab (nb=0x555555b06230, tab=0x555555cfe920) at vinagre/vinagre-notebook.c:697
        position = 0
        notebook = 0x555555b06230
        previous_active_tab = 0x555555cfe920
        __func__ = "vinagre_notebook_close_tab"
#7  0x0000555555583074 in idle_close (tab=0x555555cfe920) at plugins/rdp/vinagre-rdp-tab.c:272
#8  0x00007ffff59030f5 in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#9  0x00007ffff59034c0 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#10 0x00007ffff590354c in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x00007ffff5ec3cdd in g_application_run () at /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0
#12 0x00005555555655cf in main (argc=1, argv=0x7fffffffdf68) at vinagre/vinagre-main.c:196
        app = 0x5555557e91a0
        res = <optimized out>

More information about the pkg-remote-team mailing list