[Bug 1514766] Re: smbd crashed with SIGABRT in strlen() while accessing a share from a W7 client

Wed Nov 11 09:31:18 UTC 2015

Scratching about to try and find any other reports.

There is something going on in https://tracker.zentyal.org/issues/3130
and a handful of their other bugs that looks similar.  Zentyal is listed
as a drop in replacement for a Microsoft Small Business Server so it
sounds likely they it could include Samba.  That was only generated from
a search for "strlen () at ../sysdeps/x86_64/strlen.S:106 Samba" though
so it could be unrelated.

A Samba bug also comes up for a later package
https://bugzilla.samba.org/show_bug.cgi?id=11530 but reading that
suggests the strlen search I am doing is too general to find more than
general protection faults.  So what would "E_md4hash (passwd=  p16=
entry= ) at ../libcli/auth/smbencrypt.c:78" turn up?

That is more hopeful.  There is this post http://gathering.tweakers.net/forum/list_messages/1607613 that seems to relate to Ubuntu 14.04 as well and contains a  similar segment of stack trace in it:
No locals.
#10 0xb768afb1 in push_ucs2_talloc (ctx=ctx at entry=0x0, dest=dest at entry=0xbfd3b61c, src=src at entry=0x0, converted_size=converted_size at entry=0xbfd3b618) at ../lib/util/charset/pull_push.c:41
src_len = <optimized out>
#11 0xb724e574 in E_md4hash (passwd=0x0, p16=p16 at entry=0xbfd3b6a8 "") at ../libcli/auth/smbencrypt.c:78
len = 64
wpwd = 0xb7665000
ret = <optimized out>
#12 0xb7421898 in create_volume_objectid (conn=0xb82c1ac8, objid=objid at entry=0xbfd3b6a8 "") at ../source3/smbd/trans2.c:3017
No locals.
#13 0xb752fbde in vfswrap_fsctl (handle=0xb82c1910, fsp=0xb82ea670, ctx=0xb82df308, function=590016, req_flags=49217, _in_data=0x0, in_len=0, _out_data=0xbfd3b798, max_out_len=64, out_len=0xbfd3b79c) at ../source3/modules/vfs_default.c:1066
Someone else might do a better job of translating the page.  I can only vaguely follow it but it seems to point to https://bugs.launchpad.net/ubuntu/+source/samba/+bug/916576 near the end.  Bug #916576 was marked expired in 2013-01-02 but there are some diagnostic requests in there that I can attempt.  It also suggests some relation to bug 913809 which lists a huge number of duplicates and two Samba bugs.  The Samba bugs mentioned seemed to trail off as unreproducible.  

I'll leave the related items there for now.  I will set my smb.cong log level 5 and provide the output of `sudo testparm -s` as requested in Bug #916576 and leave it there for now.  

$ sudo testparm -s
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_STANDALONE
[global]
	server string = %h server (Samba, Ubuntu)
	server role = standalone server
	map to guest = Bad User
	obey pam restrictions = Yes
	pam password change = Yes
	passwd program = /usr/bin/passwd %u
	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
	unix password sync = Yes
	syslog = 0
	log file = /var/log/samba/log.%m
	dns proxy = No
	usershare allow guests = Yes
	panic action = /usr/share/samba/panic-action %d
	idmap config * : backend = tdb

[printers]
	comment = All Printers
	path = /var/spool/samba
	create mask = 0700
	printable = Yes
	print ok = Yes
	browseable = No

[print$]
	comment = Printer Drivers
	path = /var/lib/samba/printers

** Bug watch added: Samba Bugzilla #11530
   https://bugzilla.samba.org/show_bug.cgi?id=11530

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1514766

Title:
  smbd crashed with SIGABRT in strlen() while accessing a share from a
  W7 client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1514766/+subscriptions