[Bug 1016895] Re: smbd crashed with SIGABRT in dump_core()
TJ
1016895 at bugs.launchpad.net
Wed Aug 1 05:03:19 UTC 2012
The attached debdiff modifies
source3/auth/auth_utils.c::create_local_token()
When samba SIDs are being converted to local Linux group IDs (GIDs) some
samba groups (id.type == WBC_ID_TYPE_GID) do not have associated Linux
groups, e.g. NTLM\Domain Users (-513).
Unmatched SIDs had their associated GID set to (int)-1 despite the fact
that Linux group IDs are unsigned, which was translated to
(unsigned)4294967295.
Checks are added to avoid adding to the GID array or creating related
local tokens when the GID is -1.
setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0
Security token SIDs (16):
SID[ 0]: S-1-5-21-3351122084-3488288528-2342995061-1002
SID[ 1]: S-1-5-21-3351122084-3488288528-2342995061-513
SID[ 2]: S-1-22-2-1000
SID[ 3]: S-1-22-2-4
SID[ 4]: S-1-22-2-20
SID[ 5]: S-1-22-2-24
SID[ 6]: S-1-22-2-46
SID[ 7]: S-1-22-2-100
SID[ 8]: S-1-22-2-116
SID[ 9]: S-1-22-2-118
SID[ 10]: S-1-22-2-124
SID[ 11]: S-1-22-2-128
SID[ 12]: S-1-1-0
SID[ 13]: S-1-5-2
SID[ 14]: S-1-5-11
SID[ 15]: S-1-22-1-1000
Privileges (0x 0):
Rights (0x 0):
UNIX token of user 1000
Primary group is 1000 and contains 10 supplementary groups
Group[ 0]: 1000
Group[ 1]: 4
Group[ 2]: 20
Group[ 3]: 24
Group[ 4]: 46
Group[ 5]: 100
Group[ 6]: 116
Group[ 7]: 118
Group[ 8]: 124
Group[ 9]: 128
Impersonated user: uid=(0,1000), gid=(0,1000)
** Patch added: "Precise debdiff - ignore GIDs == -1 to prevent syscall setgroups panic"
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1016895/+attachment/3244353/+files/samba_3.6.3-2ubuntu2.4.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1016895
Title:
smbd crashed with SIGABRT in dump_core()
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1016895/+subscriptions
More information about the Ubuntu-server-bugs
mailing list