Using a development build of 389-ds, it was noticed in some tests that crypt_r
fails with unnamed symbol during the call. The stack trace is:
* thread #19, name = 'ns-slapd', stop reason = signal SIGSEGV: invalid address
(fault address: 0x0)
* frame #0: 0x0000000000000000
frame #1: 0x00007f099414d7bf libasan.so.6`__interceptor_crypt_r.part.0 at
sanitizer_common_interceptors.inc:9598:28
frame #2: 0x00007f098fc52848
libpwdstorage-plugin.so`crypt_pw_cmp(userpwd="password", dbpwd="ZZKRwXSu3tt8s")
at crypt_pwd.c:58:10
frame #3: 0x00007f0993e7a513
libslapd.so.0`slapi_pw_find_sv(vals=0x00006020004c5ab0, v=0x00007f096fed91b0)
at pw.c:173:14
The call in frame 2 is a call to crypt_r, with correct and valid parameters.
Inspecting the loaded symbol table the following can be seen:
(lldb) image lookup -vn crypt_r
1 match found in /usr/lib64/libasan.so.6:
Address: libasan.so.6[0x0000000000054c50]
(libasan.so.6.PT_LOAD[1]..text + 188912)
Summary: libasan.so.6`__interceptor_crypt_r
Module: file = "/usr/lib64/libasan.so.6", arch = "x86_64"
Symbol: id = {0x00000435}, range =
[0x00007fb029a9cc50-0x00007fb029a9ccb8), name="__interceptor_crypt_r"
2 matches found in /usr/lib64/libcrypt.so.1:
Address: libcrypt.so.1[0x00000000000167d0]
(libcrypt.so.1.PT_LOAD[1]..text + 83856)
Summary: libcrypt.so.1`xcrypt_r
Module: file = "/usr/lib64/libcrypt.so.1", arch = "x86_64"
Symbol: id = {0x00000020}, range =
[0x00007fb0253577d0-0x00007fb025357825), name="xcrypt_r"
Address: libcrypt.so.1[0x00000000000167d0]
(libcrypt.so.1.PT_LOAD[1]..text + 83856)
Summary: libcrypt.so.1`xcrypt_r
Module: file = "/usr/lib64/libcrypt.so.1", arch = "x86_64"
Symbol: id = {0x00000020}, range =
[0x00007fb0253577d0-0x00007fb025357825), name="xcrypt_r"
So in this case, __interceptor_crypt_r is being called in place of xcrypt, and
then the fault occurs.
With ASAN disabled, the test is able to proceed and succeeds with no SIGSEGV.
libasan6-10.2.1+git583-1.2.x86_64
gcc10-10.2.1+git583-1.2.x86_64
glibc-2.32-1.1.x86_64