[Bug 1794] New: sshd segfault when calling pam_authenticate() in pam_unix module which has option "try_first_pass"

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Jul 13 18:50:47 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=1794

           Summary: sshd segfault when calling pam_authenticate() in
                    pam_unix module which has option "try_first_pass"
           Product: Portable OpenSSH
           Version: 5.5p1
          Platform: HPPA
        OS/Version: HP-UX
            Status: NEW
          Severity: critical
          Priority: P2
         Component: PAM support
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: bitman.zhou at centrify.com


OS: HP-UX hpux23 B.11.23 U 9000/785 2009445268 unlimited-user license
GCC: gcc version 4.4.3 (GCC), downloaded from HP's website
pam.conf:

sshd     auth required  libpam_hpsec.so.1  
sshd     auth required  libpam_unix.so.1  try_first_pass

No such issue if no option "try_first_pass" or with option
"get_first_pass".

------- gdb trace -----

debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering

Program received signal SIGSEGV, Segmentation fault
  si_code: 0 - SEGV_UNKNOWN - Unknown Error.
0x7af6a57c in crypt+0x154 () from /usr/lib/libc.2
(gdb) bt
#0  0x7af6a57c in crypt+0x154 () from /usr/lib/libc.2
#1  0x7ab9b928 in pwd_crypt+0x2c () from
/usr/lib/security/libpam_unix.so.1
#2  0x7ab90f40 in <unknown_procedure> + 0x1c0 () from
/usr/lib/security/libpam_unix.so.1
#3  0x7ab90910 in pam_sm_authenticate+0x588 () from
/usr/lib/security/libpam_unix.so.1
#4  0x7abd02ac in pam_authenticate+0xd0 () from /usr/lib/libpam.1
#5  0x26934 in sshpam_auth_passwd (authctxt=0x400118d8,
password=0x73745f72 <Error reading address 0x73745f72: Bad address>)
    at auth-pam.c:1208
#6  0xced4 in auth_password (authctxt=0x6, password=0x72656164 <Error
reading address 0x72656164: Bad address>)
    at auth-passwd.c:116
#7  0x20f38 in mm_answer_authpassword (sock=1073813720, m=0x400039fc)
at monitor.c:740
#8  0x21734 in monitor_read (pmonitor=0x40011920, ent=0x40001600,
pent=0x5b800) at monitor.c:493
#9  0x21b98 in monitor_child_preauth (_authctxt=0x40008f40,
pmonitor=0x40017b48) at monitor.c:369
#10 0xbdfc in main (ac=2139031728, av=0x40001684) at sshd.c:641
(gdb)

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list