On Wed, 10 Mar 2021 00:31:18 +0000, Vincent Pelletier <plr.vinc...@gmail.com> 
wrote:
> Note how the caller (here, libkdexoauth2.so) is calling with:
> - context
> - id
> - result
> - null
> but xsasl_cyrus_client_get_passwd's signature is:
>   sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret
> which causes id to end up in context (and so on), then context gets
> promptly dereferenced and causes the segfault.
> 
> sasl_getcallback_t definition seems to indicate that libkdexoauth2.so is 
> correct:
>   
> https://github.com/cyrusimap/cyrus-sasl/blob/2c66fff698bdb489fa23221b8ec56c6df34f12e5/include/saslplug.h#L24-L40

...except it seems it's somehow not, and each plugin type has its own
signature. I did not expect this.

After trying the "fix" I suggest, while resolving the segfault (and
maybe avoiding other bugs by chance) it does not let me log in with
libkdexoauth2.so.
Looking at its source I realise it is calling the wrong function:
  _plug_get_simple(utils, SASL_CB_PASS, 1, &token, prompt_need);
when it also has a separate method for decoding password structure:
  _plug_get_password
which, surprise surprise, calls the callback with the signature postfix
expects:
  ret = pass_cb(utils->conn, pass_context, SASL_CB_PASS, password);

So it looks like:
- there is a perfectly good reason why *this* plugin crashes while
  others work (phew)
- I've been barking up the wrong tree (...news at 11)

I reported the issue where it should belong:
  https://bugs.kde.org/show_bug.cgi?id=434234

Regards,
-- 
Vincent Pelletier
GPG fingerprint 983A E8B7 3B91 1598 7A92 3845 CAC9 3691 4257 B0C1
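The argument-order problem described above, modelled as an added example (this is not code from the e-mail, from cyrus-sasl or from libkdexoauth2): a registry stores each callback as an untyped function pointer next to its id, a "simple" callback takes (context, id, result, len) while a "secret" callback takes (conn, context, id, psecret), and the typed accessors refuse to invoke an id through the other signature. All type names, ids, error codes and sample data below are this example's own assumptions.

```c
#include <stddef.h>
#include <string.h>

/* Registry entry: an untyped function pointer plus the id that decides
 * which signature it must be cast to before it is called. */
typedef struct {
    unsigned long id;
    int (*proc)(void);      /* generic pointer, must be cast before use */
    void *context;
} cb_entry_t;

typedef struct { unsigned len; char data[64]; } secret_t;
typedef struct { int unused; } conn_t;

/* The two per-id signatures the e-mail's bug confuses. Calling one
 * through the other's type shifts every argument by one slot, so the
 * id lands where the callee expects its context pointer. */
typedef int (*getsimple_fn)(void *context, int id, const char **result, unsigned *len);
typedef int (*getsecret_fn)(conn_t *conn, void *context, int id, secret_t **psecret);

enum { CB_USER = 1, CB_PASS = 2 };                       /* example ids */
enum { OK = 0, ERR_NOCALLBACK = -1, ERR_BADPARAM = -2 }; /* example codes */

/* Constructed application-side data and callbacks. */
static const char g_user[] = "user@example.com";
static secret_t g_secret = { 6, "s3cret" };

static int app_get_user(void *context, int id, const char **result, unsigned *len)
{
    (void)context;
    if (id != CB_USER || result == NULL) return ERR_BADPARAM;
    *result = g_user;
    if (len) *len = (unsigned)strlen(g_user);
    return OK;
}

static int app_get_pass(conn_t *conn, void *context, int id, secret_t **psecret)
{
    (void)conn; (void)context;
    if (id != CB_PASS || psecret == NULL) return ERR_BADPARAM;
    *psecret = &g_secret;
    return OK;
}

static const cb_entry_t g_callbacks[] = {
    { CB_USER, (int (*)(void))app_get_user, NULL },
    { CB_PASS, (int (*)(void))app_get_pass, NULL },
};

static const cb_entry_t *lookup(unsigned long id)
{
    size_t i;
    for (i = 0; i < sizeof g_callbacks / sizeof g_callbacks[0]; i++)
        if (g_callbacks[i].id == id) return &g_callbacks[i];
    return NULL;
}

/* Typed accessors: each casts only to the signature that belongs to the
 * ids it accepts, so the mismatched call cannot be made through this layer. */
int plug_get_password(conn_t *conn, secret_t **psecret)
{
    const cb_entry_t *e = lookup(CB_PASS);
    if (e == NULL) return ERR_NOCALLBACK;
    return ((getsecret_fn)e->proc)(conn, e->context, CB_PASS, psecret);
}

int plug_get_simple(unsigned long id, const char **result, unsigned *len)
{
    const cb_entry_t *e;
    if (id == CB_PASS) return ERR_BADPARAM;   /* that id has a different signature */
    e = lookup(id);
    if (e == NULL) return ERR_NOCALLBACK;
    return ((getsimple_fn)e->proc)(e->context, (int)id, result, len);
}

/* Exercises the three paths; returns 1 when all behave as intended. */
int demo_checks(void)
{
    conn_t conn = { 0 };
    secret_t *s = NULL;
    const char *u = NULL;
    unsigned ulen = 0;

    if (plug_get_password(&conn, &s) != OK || s == NULL) return 0;
    if (s->len != 6 || strcmp(s->data, "s3cret") != 0) return 0;
    if (plug_get_simple(CB_USER, &u, &ulen) != OK) return 0;
    if (u == NULL || strcmp(u, g_user) != 0 || ulen != strlen(g_user)) return 0;
    /* The call the plugin in the e-mail made: refused instead of crashing. */
    if (plug_get_simple(CB_PASS, &u, &ulen) != ERR_BADPARAM) return 0;
    return 1;
}
```

The point of the typed accessors is that the cast from the generic pointer happens in exactly one place per signature, next to the id check, rather than at every call site; a plugin that asks for the password through the "simple" path gets an error code it can log instead of a shifted argument list.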
