Bug 179394 - app-crypt/heimdal-0.7.2-r3 with USE=ldap segfaults on amd64
Summary: app-crypt/heimdal-0.7.2-r3 with USE=ldap segfaults on amd64
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: AMD64 Linux
Importance: High normal
Assignee: Gentoo Kerberos Maintainers
Keywords: Bug
Reported: 2007-05-22 08:23 UTC by Andrew Ross (RETIRED)
Modified: 2007-05-23 01:49 UTC



Attachments
Add "-DLDAP_DEPRECATED=1" to CPPFLAGS when USE=ldap (heimdal-ldap.patch,394 bytes, patch)
2007-05-23 01:06 UTC, Andrew Ross (RETIRED)

Description Andrew Ross (RETIRED) gentoo-dev 2007-05-22 08:23:07 UTC
Please note that this is NOT the same as bug #168269, which only deals with the implicit declaration of `iruserok'.

Due to a missing include in hdb-ldap.c, there are no explicit declarations of the functions from libldap (part of OpenLDAP). With FEATURES=stricter, this causes the following merge-time failure:

 * QA Notice: Package has poor programming practices which may compile
 *            fine but exhibit random runtime failures.
 * hdb-ldap.c:311: warning: implicit declaration of function `ldap_get_values'
hdb-ldap.c:323: warning: implicit declaration of function `ldap_value_free'
hdb-ldap.c:401: warning: implicit declaration of function `ldap_count_values'
hdb-ldap.c:726: warning: implicit declaration of function `ldap_search_s'
hdb-ldap.c:1324: warning: implicit declaration of function `ldap_abandon'
hdb-ldap.c:1371: warning: implicit declaration of function `ldap_search'
hdb-ldap.c:1552: warning: implicit declaration of function `ldap_add_s'
hdb-ldap.c:1556: warning: implicit declaration of function `ldap_modify_s'
hdb-ldap.c:1616: warning: implicit declaration of function `ldap_delete_s'
rshd.c:149: warning: implicit declaration of function `iruserok'


 * QA Notice: Package has poor programming practices which may compile
 *            but will almost certainly crash on 64bit architectures.
 * Function `ldap_get_values' implicitly converted to pointer at hdb-ldap.c:311

I can confirm that the code does indeed segfault on amd64, as the C compiler has assigned a default type of int (i.e. only 32 bits) to the return value of ldap_get_values, when ldap_get_values actually returns a char ** (which is larger than 32 bits on amd64). The return value of ldap_get_values is then truncated to 32 bits, causing a segfault when dereferenced.

Extract from a gdb session:

81              if ( ber_scanf( &ber, "[v]", &vals ) == LBER_ERROR ) {
(gdb) 
86              return( vals );
(gdb) print vals
$4 = (char **) 0xa217172ac80
(gdb) print *vals
$5 = 0xa217172acd0 "krbtgt/WHITLEY.EDU.AU@WHITLEY.EDU.AU"
(gdb) s
87      }
(gdb) 
LDAP_get_string_value (db=0xa217172ace8, entry=0xa217172c038, 
    attribute=0x358df0c30132fe51 <Address 0x358df0c30132fe51 out of bounds>, 
    ptr=0x7399834088b8) at hdb-ldap.c:312
312         if (vals == NULL) {
(gdb) 
317         *ptr = strdup(vals[0]);
(gdb) print vals
$6 = (char **) 0x7172ac80
(gdb) print *vals
Cannot access memory at address 0x7172ac80

and the function in question:

static krb5_error_code
LDAP_get_string_value(HDB * db, LDAPMessage * entry,
                      const char *attribute, char **ptr)
{
    char **vals;
    int ret;

    vals = ldap_get_values(HDB2LDAP(db), entry, (char *) attribute);
    if (vals == NULL) {
        *ptr = NULL;
        return HDB_ERR_NOENTRY;
    }

    *ptr = strdup(vals[0]);
    if (*ptr == NULL)
        ret = ENOMEM;
    else
        ret = 0;

    ldap_value_free(vals);

    return ret;
}


Portage 2.1.2.2 (hardened/amd64, gcc-3.4.6, glibc-2.3.6-r5, 2.6.20-hardened-r2 x86_64)
=================================================================
System uname: 2.6.20-hardened-r2 x86_64 Intel(R) Core(TM)2 CPU          6420  @ 2.13GHz
Gentoo Base System release 1.12.9
Timestamp of tree: Fri, 18 May 2007 04:50:01 +0000
dev-lang/python:     2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.60
sys-devel/automake:  1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.17-r2
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -ggdb -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/php/apache1-php5/ext-active/ /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-march=nocona -O2 -ggdb -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="collision-detect cvs distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms splitdebug strict test userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://mirror.aarnet.edu.au/pub/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.au.gentoo.org/gentoo-portage"
USE="acl amd64 apache2 bash-completion berkdb bzip2 caps crypt cups fam hardened jpeg jpeg2k justify kerberos ldap midi ncurses nls nptl nptlonly pcre pic png postgres python quotas readline sasl snmp spell sse2 ssl symlink test tiff truetype unicode urandom vhosts xattr xml xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="mouse keyboard" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
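The truncation described in the report, modelled in C as an added example that is not part of the bug report or of heimdal: a function returning char ** is called without a visible prototype, so C89 gives the call an implicit int return type, and the 64-bit pointer is cut to 32 bits and then sign-extended back to pointer width at the assignment. The addresses are the ones from the gdb session above; the model assumes an LP64 two's-complement target such as amd64.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Value the caller of an implicitly declared ldap_get_values() actually
 * receives: the upper 32 bits of the real pointer are discarded (the call
 * is assumed to return int), then the int is converted to pointer width,
 * which sign-extends bit 31 on amd64. */
uint64_t implicit_int_roundtrip(uint64_t real_pointer)
{
    uint32_t low = (uint32_t)real_pointer;   /* truncation to int width */
    int32_t as_int;
    memcpy(&as_int, &low, sizeof as_int);    /* reinterpret as signed int */
    return (uint64_t)(int64_t)as_int;        /* int -> pointer: sign-extends */
}

/* Only pointers that already fit in the low 31 bits come back unchanged;
 * everything the amd64 allocator normally hands out does not. */
int survives_implicit_int(uint64_t p)
{
    return implicit_int_roundtrip(p) == p;
}

int main(void)
{
    /* Addresses taken from the gdb session in the report. */
    uint64_t vals = 0xa217172ac80ULL;   /* real return value of ldap_get_values */
    uint64_t ptr  = 0x7399834088b8ULL;  /* the ptr argument seen in the backtrace */

    printf("vals 0x%" PRIx64 " -> 0x%" PRIx64 " (gdb showed 0x7172ac80)\n",
           vals, implicit_int_roundtrip(vals));
    /* Bit 31 of this one is set, so the result is sign-extended rather than
     * merely truncated: a different, equally invalid address. */
    printf("ptr  0x%" PRIx64 " -> 0x%" PRIx64 "\n",
           ptr, implicit_int_roundtrip(ptr));
    printf("vals survives: %d\n", survives_implicit_int(vals));
    return 0;
}
```

Building with -Werror=implicit-function-declaration turns the QA warning quoted above into a hard build failure instead of a runtime crash.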
Comment 1 Andrew Ross (RETIRED) gentoo-dev 2007-05-22 08:29:35 UTC
Actually, my original diagnosis (missing include of ldap.h in hdb-ldap.c) is incorrect.

It seems that ldap_get_values is deprecated and is wrapped in #if LDAP_DEPRECATED (see /usr/include/ldap.h), so a short-term solution might be to define LDAP_DEPRECATED when compiling heimdal, until heimdal can be patched to use the newer functions.
Comment 2 Andrew Ross (RETIRED) gentoo-dev 2007-05-23 01:06:03 UTC
Created attachment 120044 [details, diff]
Add "-DLDAP_DEPRECATED=1" to CPPFLAGS when USE=ldap
Comment 3 Doug Goldstein (RETIRED) gentoo-dev 2007-05-23 01:49:32 UTC
Not 100% correct...

append-flags is better than re-exporting like that.

Fixed your issue in CVS.