Bug 153836 - app-crypt/mit-krb5-1.4.3-r3 - kadmind SEGVs
Summary: app-crypt/mit-krb5-1.4.3-r3 - kadmind SEGVs
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server
Hardware: x86 Linux
Importance: Lowest normal
Assignee: Gentoo Kerberos Maintainers
Reported: 2006-11-02 09:48 UTC by Andrew J. Korty
Modified: 2007-01-25 15:10 UTC
Description Andrew J. Korty 2006-11-02 09:48:37 UTC
kadmind from mit-krb5-1.4.3-r3 runs for a week or so and then SEGVs.
I used the following settings to build a debug binary on a hardened
system:

CFLAGS="-g3 -fno-pie -fno-stack-protector-all -nonow -norelro -pipe"
LDFLAGS="-ggdb"

Here's the backtrace:

(gdb) where
#0  0x2fbd09f7 in svctcp_destroy (xprt=0x8069ed8) at svc_tcp.c:299
#1  0x2fbcc5c3 in svc_do_xprt (xprt=0x8069ed8) at svc.c:518
#2  0x2fbcc37b in gssrpc_svc_getreqset (readfds=0x5989a9e0) at svc.c:425
#3  0x080512b7 in kadm_svc_run (params=0x5989aac0) at ovsec_kadmd.c:726
#4  0x08050f8d in main (argc=0, argv=0x5989ac28) at ovsec_kadmd.c:607
(gdb) print xprt
$1 = (SVCXPRT *) 0x8069ed8
(gdb) print *xprt->xp_auth
$7 = {svc_ah_ops = 0x44452e55, svc_ah_private = 0x55}
(gdb) print *xprt->xp_auth->svc_ah_ops
Cannot access memory at address 0x44452e55

# emerge --info mit-krb5
Portage 2.1.1 (hardened/x86, gcc-3.3.5-20050130, glibc-2.3.5-r1, 2.4.32-hardened-r6 i686)
=================================================================
                        System Settings
=================================================================
System uname: 2.4.32-hardened-r6 i686 Intel(R) Xeon(TM) CPU 2.80GHz
Gentoo Base System version 1.6.13
Last Sync: Wed, 01 Nov 2006 22:30:01 +0000
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: [Not Present]
dev-lang/python:     2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.12
sys-devel/autoconf:  2.13, 2.59-r6
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.15.92.0.2-r10
sys-devel/gcc-config: 1.3.11-r4
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.4.22-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/terminfo"
CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict userpriv usersandbox"
LINGUAS=""
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
USE="x86 bzip2 crypt elibc_glibc hardened input_devices_keyboard input_devices_mouse ipv6 kerberos kernel_linux mailwrapper ncurses pam pic png readline ssl tcpd userland_GNU userlocales zlib"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS

# uname -a
Linux freezer 2.4.32-hardened-r6 #1 SMP Mon Oct 30 22:02:46 UTC 2006 i686 Intel(R) Xeon(TM) CPU 2.80GHz GenuineIntel GNU/Linux
Comment 1 Andrew J. Korty 2007-01-25 15:10:50 UTC
MIT has released two advisories and a new version which fixes this problem.