Comments (6)
valgrind of non-stripped ykclient lib:
rten@tahoe:~$ valgrind --leak-check=full su
==16730== Memcheck, a memory error detector
==16730== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==16730== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==16730== Command: su
==16730==
Yubikey for `root':
==16730== Invalid read of size 1
==16730== at 0x528F3B1: vfprintf (vfprintf.c:1630)
==16730== by 0x534CD8F: __vsnprintf_chk (vsnprintf_chk.c:65)
==16730== by 0x534CCD7: __snprintf_chk (snprintf_chk.c:36)
==16730== by 0x6C730BE: ykclient_expand_urls (stdio2.h:65)
==16730== by 0x6C743C1: ykclient_request_process (ykclient.c:1295)
==16730== by 0x6C744F1: ykclient_request (ykclient.c:1336)
==16730== by 0x6A6BD14: pam_sm_authenticate (in /lib/security/pam_yubico.so)
==16730== by 0x4E34B44: ??? (in /lib/x86_64-linux-gnu/libpam.so.0.83.0)
==16730== by 0x4E343C7: pam_authenticate (in /lib/x86_64-linux-gnu/libpam.so.0.83.0)
==16730== by 0x4028FD: ??? (in /bin/su)
==16730== by 0x526576C: (below main) (libc-start.c:226)
==16730== Address 0x1 is not stack'd, malloc'd or (recently) free'd
==16730==
==16730==
==16730== Process terminating with default action of signal 11 (SIGSEGV)
==16730== Access not within mapped region at address 0x1
==16730== at 0x528F3B1: vfprintf (vfprintf.c:1630)
==16730== by 0x534CD8F: __vsnprintf_chk (vsnprintf_chk.c:65)
==16730== by 0x534CCD7: __snprintf_chk (snprintf_chk.c:36)
==16730== by 0x6C730BE: ykclient_expand_urls (stdio2.h:65)
==16730== by 0x6C743C1: ykclient_request_process (ykclient.c:1295)
==16730== by 0x6C744F1: ykclient_request (ykclient.c:1336)
==16730== by 0x6A6BD14: pam_sm_authenticate (in /lib/security/pam_yubico.so)
==16730== by 0x4E34B44: ??? (in /lib/x86_64-linux-gnu/libpam.so.0.83.0)
==16730== by 0x4E343C7: pam_authenticate (in /lib/x86_64-linux-gnu/libpam.so.0.83.0)
==16730== by 0x4028FD: ??? (in /bin/su)
==16730== by 0x526576C: (below main) (libc-start.c:226)
==16730== If you believe this happened as a result of a stack
==16730== overflow in your program's main thread (unlikely but
==16730== possible), you can try to increase the size of the
==16730== main thread stack using the --main-stacksize= flag.
==16730== The main thread stack size used in this run was 8388608.
==16730==
==16730== HEAP SUMMARY:
==16730== in use at exit: 209,346 bytes in 2,301 blocks
==16730== total heap usage: 3,057 allocs, 756 frees, 288,622 bytes allocated
==16730==
==16730== 48 bytes in 1 blocks are definitely lost in loss record 58 of 126
==16730== at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16730== by 0x405CA2: ??? (in /bin/su)
==16730== by 0x4050CF: ??? (in /bin/su)
==16730== by 0x402847: ??? (in /bin/su)
==16730== by 0x526576C: (below main) (libc-start.c:226)
==16730==
==16730== 101 (48 direct, 53 indirect) bytes in 1 blocks are definitely lost in loss record 71 of 126
==16730== at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16730== by 0x405CA2: ??? (in /bin/su)
==16730== by 0x4050CF: ??? (in /bin/su)
==16730== by 0x404417: ??? (in /bin/su)
==16730== by 0x4024EA: ??? (in /bin/su)
==16730== by 0x526576C: (below main) (libc-start.c:226)
==16730==
==16730== 300 (60 direct, 240 indirect) bytes in 1 blocks are definitely lost in loss record 89 of 126
==16730== at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16730== by 0x53495A4: nss_parse_service_list (nsswitch.c:678)
==16730== by 0x534A065: __nss_database_lookup (nsswitch.c:175)
==16730== by 0x5E0F2A4: ???
==16730== by 0x53029BC: getpwnam_r@@GLIBC_2.2.5 (getXXbyYY_r.c:256)
==16730== by 0x5302383: getpwnam (getXXbyYY.c:117)
==16730== by 0x4026DF: ??? (in /bin/su)
==16730== by 0x526576C: (below main) (libc-start.c:226)
==16730==
==16730== LEAK SUMMARY:
==16730== definitely lost: 156 bytes in 3 blocks
==16730== indirectly lost: 293 bytes in 15 blocks
==16730== possibly lost: 0 bytes in 0 blocks
==16730== still reachable: 208,897 bytes in 2,283 blocks
==16730== suppressed: 0 bytes in 0 blocks
==16730== Reachable blocks (those to which a pointer was found) are not shown.
==16730== To see them, rerun with: --leak-check=full --show-reachable=yes
==16730==
==16730== For counts of detected and suppressed errors, rerun with: -v
==16730== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 2 from 2)
from yubico-pam.
and this leads me to:
url=http://yubikey/wsapi/2.0/verify?id=%s&otp=%s
which should be
url=http://yubikey/wsapi/2.0/verify?id=%d&otp=%s
Can't you catch this?
from yubico-pam.
Yes.. But it will go hand-in-hand with changing yubico-c-client and probably adding a new API with saner format strings.
/klas
from yubico-pam.
Agree, it's not like the %d and %s are optional as they are used at the moment.
from yubico-pam.
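An added example, not code from yubico-pam or yubico-c-client: one way to catch the `%s`/`%d` mismatch discussed in this thread before the configured template reaches `snprintf`, assuming the template must carry exactly one integer client id conversion followed by one string OTP conversion. The names `url_template_ok` and `expand_url` and the sample values are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Accept a template only if its conversions are exactly "%d" then "%s".
 * "%%" is a literal percent; flags, widths, "%n" and anything else are
 * rejected (so is URL percent-encoding such as "%20", which is strict). */
static int url_template_ok(const char *tmpl)
{
    static const char expected[] = { 'd', 's' };
    size_t seen = 0;

    if (tmpl == NULL)
        return 0;
    for (const char *p = tmpl; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;                      /* conversion character after '%' */
        if (*p == '%')
            continue;             /* escaped literal percent sign */
        if (seen >= sizeof expected || *p != expected[seen])
            return 0;             /* wrong type, wrong order, or extra */
        seen++;
    }
    return seen == sizeof expected;
}

/* Expand the template; -1 on a rejected template or truncated output. */
static int expand_url(char *out, size_t outlen, const char *tmpl,
                      int client_id, const char *otp)
{
    int n;
    if (out == NULL || outlen == 0 || otp == NULL || !url_template_ok(tmpl))
        return -1;
    n = snprintf(out, outlen, tmpl, client_id, otp);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

int main(void)
{
    char buf[128];
    /* Constructed sample values: client id 1 and a placeholder OTP. */
    const char *bad = "http://yubikey/wsapi/2.0/verify?id=%s&otp=%s";
    const char *good = "http://yubikey/wsapi/2.0/verify?id=%d&otp=%s";

    printf("bad:  %d\n", expand_url(buf, sizeof buf, bad, 1, "PLACEHOLDER-OTP"));
    if (expand_url(buf, sizeof buf, good, 1, "PLACEHOLDER-OTP") > 0)
        printf("good: %s\n", buf);
    return 0;
}
```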
Since yubico-c-client version 2.12 there's a new API call, ykclient_set_url_bases(), that can be used with a simple URL (http://yubikey/wsapi/2.0/verify). Maybe we should create a new option that uses that and allows setting several URLs as well (in reference to #21).
from yubico-pam.
Now there's a new option called urllist (only on master yet). With that going out I think we should discourage use of the url option.
If it's possible for you to test the current code on master and see if you think the urllist option makes sense, that'd be great.
/klas
from yubico-pam.