Bug#300904: ssh-krb5: writes an error messgae: free(): invalid pointer 0x80688ab!

Tue, 22 Mar 2005 08:08:13 -0800 

Package: ssh-krb5
Version: 3.8.1p1-7
Severity: important


I get this error-message logging into a host:
free(): invalid pointer 0x80688ab!

But it seems to work (however the message is irritating).

I made a ltrace of this and this is an exerpt of it (don't know if it
is enough to localize the error; I don't look at the source-code):


EVP_DigestInit(0xbfffd960, 0xb7fa3260, 149, 0xb7fa8d04, 0x80a2028) = 1
EVP_DigestUpdate(0xbfffd960, 0x80aba08, 1999, 0xb7fa8d04, 0x80a2028) = 1
EVP_DigestFinal(0xbfffd960, 0x8082e20, 0, 0xb7fa8d04, 0x80a2028) = 1
memset(0x80aba08, '\000', 4096)                  = 0x80aba08
free(0x80aba08)                                  = <void>
DH_free(0x80a1fd8, 0x80949c0, 0x80a6e10, 595, 0x8095688) = 0
free(0x80a21a8)                                  = <void>
BN_clear_free(0x8094740, 0x80949c0, 0x80a6e10, 595, 0x8095688) = 0
BN_num_bits(0x809d120, 0, 0xb7ce4a94, 0xb7fe9000, 0x8049d03) = 1024
malloc(4096)                                     = 0x80ab328
memcpy(0x80ab328, "", 143)                       = 0x80ab328
memcpy(0xbfffd8d4, "", 4)                        = 0xbfffd8d4
malloc(8)                                        = 0x8098188
memcpy(0x8098188, "ssh-rsa", 7)                  = 0x8098188
free(0x8098188)                                  = <void>
memcpy(0xbfffd8d4, "", 4)                        = 0xbfffd8d4
malloc(129)                                      = 0x80a2458
memcpy(0x80a2458, 
"5\003W\nr\232<\211\002\255\220\226\376\270\317\233o)\200\204aAsF\252!\033w\275$\277j"...,
 128) = 0x80a2458
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
RSA_size(0x809d0c8, 0xbfffd92c, 143, 0xb7fe9000, 0x8049d03) = 128
OBJ_nid2sn(64, 0xbfffd92c, 143, 0xb7fe9000, 0x8049d03) = 0xb7f80276
EVP_get_digestbyname(0xb7f80276, 0xbfffd92c, 143, 0xb7fe9000, 0x8049d03) = 
0xb7fa3260
EVP_DigestInit(0xbfffd960, 0xb7fa3260, 143, 0xb7fe9000, 0x8049d03) = 1
EVP_DigestUpdate(0xbfffd960, 0x8082e20, 20, 0xb7fe9000, 0x8049d03) = 1
EVP_DigestFinal(0xbfffd960, 0xbfffd930, 0xbfffd928, 0xb7fe9000, 0x8049d03) = 1
RSA_size(0x809d0c8, 100, 100, 0xb7fa8d04, 0x80a2738) = 128
malloc(128)                                      = 0x80946f0
RSA_public_decrypt(128, 0x80a2458, 0x80946f0, 0x809d0c8, 1) = 35
free(0x80946f0)                                  = <void>
memset(0x80a2458, 's', 128)                      = 0x80a2458
free(0x80a2458)                                  = <void>
RSA_free(0x809d0c8, 20, 0xb7da3668, 0x8082e20, 595) = 0
free(0x80a2738)                                  = <void>
free(0x80a2688)                                  = <void>
malloc(20)                                       = 0x80a2738
memcpy(0x80a2738, 
"\255_\033\377\277\275\225\255\367\315\227N\226\253\217\202\272\350\200\237", 
20) = 0x80a2738
EVP_sha1(0xb7da2c60, 280, 0xb7ce4a94, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x809d138
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128
memcpy(0x80ab328, "", 4)                         = 0x80ab328
memcpy(0x80ab32c, 
"-\247\314{\336\006A\326\200B^E{~\031c\3130\203,\314\024\3045r\006Y\337\255'\201`"...,
 128) = 0x80ab32c
memset(0x80946f0, '\000', 129)                   = 0x80946f0
free(0x80946f0)                                  = <void>
EVP_DigestInit(0xbfffd900, 0xb7fa3260, 0xb7ce4a94, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80ab328, 132, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x8082e20, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0xbfffd8ff, 1, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80a2738, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestFinal(0xbfffd900, 0x809d138, 0, 0xb7da3620, 0xb7da2c60) = 1
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
EVP_sha1(0x80ab328, 0x809d138, 0, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x8094b30
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128
memcpy(0x80ab328, "", 4)                         = 0x80ab328
memcpy(0x80ab32c, 
"-\247\314{\336\006A\326\200B^E{~\031c\3130\203,\314\024\3045r\006Y\337\255'\201`"...,
 128) = 0x80ab32c
memset(0x80946f0, '\000', 129)                   = 0x80946f0
free(0x80946f0)                                  = <void>
EVP_DigestInit(0xbfffd900, 0xb7fa3260, 0, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80ab328, 132, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x8082e20, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0xbfffd8ff, 1, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80a2738, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestFinal(0xbfffd900, 0x8094b30, 0, 0xb7da3620, 0xb7da2c60) = 1
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
EVP_sha1(0x80ab328, 0x8094b30, 0, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x8094b78
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128
memcpy(0x80ab328, "", 4)                         = 0x80ab328
memcpy(0x80ab32c, 
"-\247\314{\336\006A\326\200B^E{~\031c\3130\203,\314\024\3045r\006Y\337\255'\201`"...,
 128) = 0x80ab32c
memset(0x80946f0, '\000', 129)                   = 0x80946f0
free(0x80946f0)                                  = <void>
EVP_DigestInit(0xbfffd900, 0xb7fa3260, 0, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80ab328, 132, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x8082e20, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0xbfffd8ff, 1, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80a2738, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestFinal(0xbfffd900, 0x8094b78, 0, 0xb7da3620, 0xb7da2c60) = 1
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
EVP_sha1(0x80ab328, 0x8094b78, 0, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x8094b90
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128
memcpy(0x80ab328, "", 4)                         = 0x80ab328
memcpy(0x80ab32c, 
"-\247\314{\336\006A\326\200B^E{~\031c\3130\203,\314\024\3045r\006Y\337\255'\201`"...,
 128) = 0x80ab32c
memset(0x80946f0, '\000', 129)                   = 0x80946f0
free(0x80946f0)                                  = <void>
EVP_DigestInit(0xbfffd900, 0xb7fa3260, 0, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80ab328, 132, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x8082e20, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0xbfffd8ff, 1, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80a2738, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestFinal(0xbfffd900, 0x8094b90, 0, 0xb7da3620, 0xb7da2c60) = 1
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
EVP_sha1(0x80ab328, 0x8094b90, 0, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x8094ba8
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128
memcpy(0x80ab328, "", 4)                         = 0x80ab328
memcpy(0x80ab32c, 
"-\247\314{\336\006A\326\200B^E{~\031c\3130\203,\314\024\3045r\006Y\337\255'\201`"...,
 128) = 0x80ab32c
memset(0x80946f0, '\000', 129)                   = 0x80946f0
free(0x80946f0)                                  = <void>
EVP_DigestInit(0xbfffd900, 0xb7fa3260, 0, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80ab328, 132, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x8082e20, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0xbfffd8ff, 1, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestUpdate(0xbfffd900, 0x80a2738, 20, 0xb7da3620, 0xb7da2c60) = 1
EVP_DigestFinal(0xbfffd900, 0x8094ba8, 0, 0xb7da3620, 0xb7da2c60) = 1
memset(0x80ab328, '\000', 4096)                  = 0x80ab328
free(0x80ab328)                                  = <void>
EVP_sha1(0x80ab328, 0x8094ba8, 0, 0xb7da3620, 0xb7da2c60) = 0xb7fa3260
malloc(20)                                       = 0x809d150
malloc(4096)                                     = 0x80ab328
BN_num_bits(0x80a2028, 20, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 1022
malloc(129)                                      = 0x80946f0
BN_bn2bin(0x80a2028, 0x80946f1, 0xbfffd8d8, 0x80688ab, 0xbfffd910) = 128



-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.11.4
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages ssh-krb5 depends on:
ii  adduser                     3.63         Add and remove users and groups
ii  debconf                     1.4.30.11    Debian configuration management sy
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libcomerr2                  1.35-6       The Common Error Description libra
ii  libkrb53                    1.3.6-1      MIT Kerberos runtime libraries
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-2     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-3    compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
* ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
  ssh/privsep_ask: true
* ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
* ssh/privsep_tell:
  ssh/ssh2_keys_merged:
* ssh/protocol2_only: true


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to