Causes segfault in xscreensaver
Closed this issue · 17 comments
frioux commented
If you start xscreensaver, move your mouse to cause the prompt, and just wait for the timeout, the pam_yubikey module seems to crash xscreensaver. Here is a backtrace from xscreensaver:
*** Error in `_/driver/xscreensaver': free(): invalid pointer: 0x00007f390549c000 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x80996)[0x7f3904afb996]
/lib/security/pam_yubikey.so(get_response+0x156)[0x7f39026e1a86]
/lib/security/pam_yubikey.so(pam_sm_authenticate+0x4f4)[0x7f39026e1fd5]
/lib/x86_64-linux-gnu/libpam.so.0(+0x2e3f)[0x7f390507ee3f]
/lib/x86_64-linux-gnu/libpam.so.0(pam_authenticate+0x2d)[0x7f390507e68d]
_/driver/xscreensaver[0x4284d7]
_/driver/xscreensaver[0x427ee7]
_/driver/xscreensaver[0x42789d]
_/driver/xscreensaver[0x40762d]
_/driver/xscreensaver[0x407e22]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f3904a9cde5]
_/driver/xscreensaver[0x405109]
======= Memory map: ========
00400000-00444000 r-xp 00000000 fc:01 527961 /home/frew/code/xscreensaver-5.23/driver/xscreensaver
00643000-00644000 r--p 00043000 fc:01 527961 /home/frew/code/xscreensaver-5.23/driver/xscreensaver
00644000-00646000 rw-p 00044000 fc:01 527961 /home/frew/code/xscreensaver-5.23/driver/xscreensaver
00646000-00649000 rw-p 00000000 00:00 0
01df3000-01e73000 rw-p 00000000 00:00 0 [heap]
7f39007c3000-7f39007d8000 r-xp 00000000 fc:00 425679 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f39007d8000-7f39009d7000 ---p 00015000 fc:00 425679 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f39009d7000-7f39009d8000 r--p 00014000 fc:00 425679 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f39009d8000-7f39009d9000 rw-p 00015000 fc:00 425679 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f39009d9000-7f39009e0000 r-xp 00000000 fc:00 430186 /lib/x86_64-linux-gnu/librt-2.17.so
7f39009e0000-7f3900bdf000 ---p 00007000 fc:00 430186 /lib/x86_64-linux-gnu/librt-2.17.so
7f3900bdf000-7f3900be0000 r--p 00006000 fc:00 430186 /lib/x86_64-linux-gnu/librt-2.17.so
7f3900be0000-7f3900be1000 rw-p 00007000 fc:00 430186 /lib/x86_64-linux-gnu/librt-2.17.so
7f3900be1000-7f3900be4000 r-xp 00000000 fc:00 84838 /usr/lib/x86_64-linux-gnu/libck-connector.so.0.0.0
7f3900be4000-7f3900de3000 ---p 00003000 fc:00 84838 /usr/lib/x86_64-linux-gnu/libck-connector.so.0.0.0
7f3900de3000-7f3900de4000 r--p 00002000 fc:00 84838 /usr/lib/x86_64-linux-gnu/libck-connector.so.0.0.0
7f3900de4000-7f3900de5000 rw-p 00003000 fc:00 84838 /usr/lib/x86_64-linux-gnu/libck-connector.so.0.0.0
7f3900de5000-7f3900e29000 r-xp 00000000 fc:00 430126 /lib/x86_64-linux-gnu/libdbus-1.so.3.7.4
7f3900e29000-7f3901028000 ---p 00044000 fc:00 430126 /lib/x86_64-linux-gnu/libdbus-1.so.3.7.4
7f3901028000-7f3901029000 r--p 00043000 fc:00 430126 /lib/x86_64-linux-gnu/libdbus-1.so.3.7.4
7f3901029000-7f390102a000 rw-p 00044000 fc:00 430126 /lib/x86_64-linux-gnu/libdbus-1.so.3.7.4
7f390102a000-7f390102c000 r-xp 00000000 fc:00 432409 /lib/x86_64-linux-gnu/security/pam_ck_connector.so
7f390102c000-7f390122b000 ---p 00002000 fc:00 432409 /lib/x86_64-linux-gnu/security/pam_ck_connector.so
7f390122b000-7f390122c000 r--p 00001000 fc:00 432409 /lib/x86_64-linux-gnu/security/pam_ck_connector.so
7f390122c000-7f390122d000 rw-p 00002000 fc:00 432409 /lib/x86_64-linux-gnu/security/pam_ck_connector.so
7f390122d000-7f390122f000 r-xp 00000000 fc:00 432448 /lib/x86_64-linux-gnu/security/pam_umask.so
7f390122f000-7f390142e000 ---p 00002000 fc:00 432448 /lib/x86_64-linux-gnu/security/pam_umask.so
7f390142e000-7f390142f000 r--p 00001000 fc:00 432448 /lib/x86_64-linux-gnu/security/pam_umask.so
7f390142f000-7f3901430000 rw-p 00002000 fc:00 432448 /lib/x86_64-linux-gnu/security/pam_umask.so
7f3901430000-7f390143a000 r-xp 00000000 fc:00 425956 /lib/x86_64-linux-gnu/security/pam_gnome_keyring.so
7f390143a000-7f3901639000 ---p 0000a000 fc:00 425956 /lib/x86_64-linux-gnu/security/pam_gnome_keyring.so
7f3901639000-7f390163a000 r--p 00009000 fc:00 425956 /lib/x86_64-linux-gnu/security/pam_gnome_keyring.so
7f390163a000-7f390163b000 rw-p 0000a000 fc:00 425956 /lib/x86_64-linux-gnu/security/pam_gnome_keyring.so
7f390163b000-7f390163f000 r-xp 00000000 fc:00 430120 /lib/x86_64-linux-gnu/libcap.so.2.22
7f390163f000-7f390183e000 ---p 00004000 fc:00 430120 /lib/x86_64-linux-gnu/libcap.so.2.22
7f390183e000-7f390183f000 r--p 00003000 fc:00 430120 /lib/x86_64-linux-gnu/libcap.so.2.22
7f390183f000-7f3901840000 rw-p 00004000 fc:00 430120 /lib/x86_64-linux-gnu/libcap.so.2.22
7f3901840000-7f3901842000 r-xp 00000000 fc:00 432408 /lib/x86_64-linux-gnu/security/pam_cap.so
7f3901842000-7f3901a41000 ---p 00002000 fc:00 432408 /lib/x86_64-linux-gnu/security/pam_cap.so
7f3901a41000-7f3901a42000 r--p 00001000 fc:00 432408 /lib/x86_64-linux-gnu/security/pam_cap.so
7f3901a42000-7f3901a43000 rw-p 00002000 fc:00 432408 /lib/x86_64-linux-gnu/security/pam_cap.so
7f3901a43000-7f3901a44000 r-xp 00000000 fc:00 432432 /lib/x86_64-linux-gnu/security/pam_permit.so
7f3901a44000-7f3901c43000 ---p 00001000 fc:00 432432 /lib/x86_64-linux-gnu/security/pam_permit.so
7f3901c43000-7f3901c44000 r--p 00000000 fc:00 432432 /lib/x86_64-linux-gnu/security/pam_permit.so
7f3901c44000-7f3901c45000 rw-p 00001000 fc:00 432432 /lib/x86_64-linux-gnu/security/pam_permit.so
7f3901c45000-7f3901c46000 r-xp 00000000 fc:00 432411 /lib/x86_64-linux-gnu/security/pam_deny.so
7f3901c46000-7f3901e45000 ---p 00001000 fc:00 432411 /lib/x86_64-linux-gnu/security/pam_deny.so
7f3901e45000-7f3901e46000 r--p 00000000 fc:00 432411 /lib/x86_64-linux-gnu/security/pam_deny.so
7f3901e46000-7f3901e47000 rw-p 00001000 fc:00 432411 /lib/x86_64-linux-gnu/security/pam_deny.so
7f3901e47000-7f3901e5e000 r-xp 00000000 fc:00 430182 /lib/x86_64-linux-gnu/libpthread-2.17.so
7f3901e5e000-7f390205e000 ---p 00017000 fc:00 430182 /lib/x86_64-linux-gnu/libpthread-2.17.so
7f390205e000-7f390205f000 r--p 00017000 fc:00 430182 /lib/x86_64-linux-gnu/libpthread-2.17.so
7f390205f000-7f3902060000 rw-p 00018000 fc:00 430182 /lib/x86_64-linux-gnu/libpthread-2.17.so
7f3902060000-7f3902064000 rw-p 00000000 00:00 0
7f3902064000-7f39020a1000 r-xp 00000000 fc:00 430173 /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f39020a1000-7f39022a1000 ---p 0003d000 fc:00 430173 /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f39022a1000-7f39022a2000 r--p 0003d000 fc:00 430173 /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f39022a2000-7f39022a3000 rw-p 0003e000 fc:00 430173 /lib/x86_64-linux-gnu/libpcre.so.3.13.1
7f39022a3000-7f39022c2000 r-xp 00000000 fc:00 430187 /lib/x86_64-linux-gnu/libselinux.so.1
7f39022c2000-7f39024c2000 ---p 0001f000 fc:00 430187 /lib/x86_64-linux-gnu/libselinux.so.1
7f39024c2000-7f39024c3000 r--p 0001f000 fc:00 430187 /lib/x86_64-linux-gnu/libselinux.so.1
7f39024c3000-7f39024c4000 rw-p 00020000 fc:00 430187 /lib/x86_64-linux-gnu/libselinux.so.1
7f39024c4000-7f39024c5000 rw-p 00000000 00:00 0
7f39024c5000-7f39024d2000 r-xp 00000000 fc:00 432449 /lib/x86_64-linux-gnu/security/pam_unix.so
7f39024d2000-7f39026d1000 ---p 0000d000 fc:00 432449 /lib/x86_64-linux-gnu/security/pam_unix.so
7f39026d1000-7f39026d2000 r--p 0000c000 fc:00 432449 /lib/x86_64-linux-gnu/security/pam_unix.so
7f39026d2000-7f39026d3000 rw-p 0000d000 fc:00 432449 /lib/x86_64-linux-gnu/security/pam_unix.so
7f39026d3000-7f39026df000 rw-p 00000000 00:00 0
7f39026df000-7f39026e8000 r-xp 00000000 fc:00 425493 /lib/security/pam_yubikey.so
7f39026e8000-7f39028e7000 ---p 00009000 fc:00 425493 /lib/security/pam_yubikey.so
7f39028e7000-7f39028e8000 r--p 00008000 fc:00 425493 /lib/security/pam_yubikey.so
7f39028e8000-7f39028e9000 rw-p 00009000 fc:00 425493 /lib/security/pam_yubikey.so
7f39028e9000-7f39028ee000 r-xp 00000000 fc:00 84746 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0
7f39028ee000-7f3902aed000 ---p 00005000 fc:00 84746 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0
7f3902aed000-7f3902aee000 r--p 00004000 fc:00 84746 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0
7f3902aee000-7f3902aef000 rw-p 00005000 fc:00 84746 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0
7f3902aef000-7f3902af8000 r-xp 00000000 fc:00 84757 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0
7f3902af8000-7f3902cf7000 ---p 00009000 fc:00 84757 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0
7f3902cf7000-7f3902cf8000 r--p 00008000 fc:00 84757 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0
7f3902cf8000-7f3902cf9000 rw-p 00009000 fc:00 84757 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0
7f3902cf9000-7f3902d02000 r-xp 00000000 fc:00 84738 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2
7f3902d02000-7f3902f01000 ---p 00009000 fc:00 84738 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2
7f3902f01000-7f3902f02000 r--p 00008000 fc:00 84738 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2
7f3902f02000-7f3902f03000 rw-p 00009000 fc:00 84738 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2
7f3902f03000-7f3902f0f000 r-xp 00000000 fc:00 430162 /lib/x86_64-linux-gnu/libnss_files-2.17.so
7f3902f0f000-7f390310e000 ---p 0000c000 fc:00 430162 /lib/x86_64-linux-gnu/libnss_files-2.17.so
7f390310e000-7f390310f000 r--p 0000b000 fc:00 430162 /lib/x86_64-linux-gnu/libnss_files-2.17.so
7f390310f000-7f3903110000 rw-p 0000c000 fc:00 430162 /lib/x86_64-linux-gnu/libnss_files-2.17.so
7f3903110000-7f390311b000 r-xp 00000000 fc:00 430164 /lib/x86_64-linux-gnu/libnss_nis-2.17.so
7f390311b000-7f390331a000 ---p 0000b000 fc:00 430164 /lib/x86_64-linux-gnu/libnss_nis-2.17.so
7f390331a000-7f390331b000 r--p 0000a000 fc:00 430164 /lib/x86_64-linux-gnu/libnss_nis-2.17.so
7f390331b000-7f390331c000 rw-p 0000b000 fc:00 430164 /lib/x86_64-linux-gnu/libnss_nis-2.17.so
7f390331c000-7f3903333000 r-xp 00000000 fc:00 430159 /lib/x86_64-linux-gnu/libnsl-2.17.so
7f3903333000-7f3903532000 ---p 00017000 fc:00 430159 /lib/x86_64-linux-gnu/libnsl-2.17.so
7f3903532000-7f3903533000 r--p 00016000 fc:00 430159 /lib/x86_64-linux-gnu/libnsl-2.17.so
7f3903533000-7f3903534000 rw-p 00017000 fc:00 430159 /lib/x86_64-linux-gnu/libnsl-2.17.so
7f3903534000-7f3903536000 rw-p 00000000 00:00 0
7f3903536000-7f390353e000 r-xp 00000000 fc:00 430160 /lib/x86_64-linux-gnu/libnss_compat-2.17.so
7f390353e000-7f390373d000 ---p 00008000 fc:00 430160 /lib/x86_64-linux-gnu/libnss_compat-2.17.so
7f390373d000-7f390373e000 r--p 00007000 fc:00 430160 /lib/x86_64-linux-gnu/libnss_compat-2.17.so
7f390373e000-7f390373f000 rw-p 00008000 fc:00 430160 /lib/x86_64-linux-gnu/libnss_compat-2.17.so
7f390373f000-7f3903a08000 r--p 00000000 fc:00 83143 /usr/lib/locale/locale-archive
7f3903a08000-7f3903a0d000 r-xp 00000000 fc:00 84742 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0
7f3903a0d000-7f3903c0c000 ---p 00005000 fc:00 84742 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0
7f3903c0c000-7f3903c0d000 r--p 00004000 fc:00 84742 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0
7f3903c0d000-7f3903c0e000 rw-p 00005000 fc:00 84742 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0
7f3903c0e000-7f3903c10000 r-xp 00000000 fc:00 84735 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0
7f3903c10000-7f3903e10000 ---p 00002000 fc:00 84735 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0
7f3903e10000-7f3903e11000 r--p 00002000 fc:00 84735 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0
7f3903e11000-7f3903e12000 rw-p 00003000 fc:00 84735 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0
7f3903e12000-7f3903e16000 r-xp 00000000 fc:00 430204 /lib/x86_64-linux-gnu/libuuid.so.1.3.0
7f3903e16000-7f3904015000 ---p 00004000 fc:00 430204 /lib/x86_64-linux-gnu/libuuid.so.1.3.0
7f3904015000-7f3904016000 r--p 00003000 fc:00 430204 /lib/x86_64-linux-gnu/libuuid.so.1.3.0
7f3904016000-7f3904017000 rw-p 00004000 fc:00 430204 /lib/x86_64-linux-gnu/libuuid.so.1.3.0
7f3904017000-7f3904030000 r-xp 00000000 fc:00 430114 /lib/x86_64-linux-gnu/libaudit.so.1.0.0
7f3904030000-7f390422f000 ---p 00019000 fc:00 430114 /lib/x86_64-linux-gnu/libaudit.so.1.0.0
7f390422f000-7f3904230000 r--p 00018000 fc:00 430114 /lib/x86_64-linux-gnu/libaudit.so.1.0.0
7f3904230000-7f3904231000 rw-p 00019000 fc:00 430114 /lib/x86_64-linux-gnu/libaudit.so.1.0.0
7f3904231000-7f3904235000 rw-p 00000000 00:00 0
7f3904235000-7f3904238000 r-xp 00000000 fc:00 430129 /lib/x86_64-linux-gnu/libdl-2.17.so
7f3904238000-7f3904437000 ---p 00003000 fc:00 430129 /lib/x86_64-linux-gnu/libdl-2.17.so
7f3904437000-7f3904438000 r--p 00002000 fc:00 430129 /lib/x86_64-linux-gnu/libdl-2.17.so
7f3904438000-7f3904439000 rw-p 00003000 fc:00 430129 /lib/x86_64-linux-gnu/libdl-2.17.so
7f3904439000-7f3904456000 r-xp 00000000 fc:00 85685 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0
7f3904456000-7f3904655000 ---p 0001d000 fc:00 85685 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0
7f3904655000-7f3904656000 r--p 0001c000 fc:00 85685 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0
7f3904656000-7f3904657000 rw-p 0001d000 fc:00 85685 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0
7f3904657000-7f390466e000 r-xp 00000000 fc:00 84661 /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0
7f390466e000-7f390486d000 ---p 00017000 fc:00 84661 /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0
7f390486d000-7f390486e000 r--p 00016000 fc:00 84661 /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0
7f390486e000-7f390486f000 rw-p 00017000 fc:00 84661 /usr/lib/x86_64-linux-gnu/libICE.so.6.3.0
7f390486f000-7f3904873000 rw-p 00000000 00:00 0
7f3904873000-7f390487a000 r-xp 00000000 fc:00 84726 /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1
7f390487a000-7f3904a79000 ---p 00007000 fc:00 84726 /usr/lib/x86_64-linux-gnu/libSM.so.6.0.1
Let me know if there is anything I can do to help. I can reliably reproduce the issue.
jeroennijhof commented
Could you do a git pull from our repo and git checkout response_patch?
You need to build and install that version so we can check if that fixes your issue.
frioux commented
Sure, I'll have that for you shortly.
jeroennijhof commented
@frioux any news?
frioux commented
Sorry for the long delay, it's tough to test because it looks like I have
to log out and log in again to test it, which I almost never do, and it's
probably not the final solution as it looks like it leaks. I'll try to
test it today if I get a chance.
frioux commented
Finally tried it, again, sorry for the wait.
I tried it, and instead of just leaking like I expected it would, now it fails to validate, but only with xscreensaver (fortunately.) So while I can log in etc, xscreensaver fails to unlock at all. I rolled back to current master and repro'd the crashing situation. Let me know if you have other ideas. FWIW it's super easy to repro, I have it happening on three machines, so you might try running xscreensaver and triggering a lock with xscreensaver-command -l yourself. Thanks and good luck
jeroennijhof commented
Finally I had some time to test.
I have test pam_yubikey successful with XScreenSaver 5.15 without any crashes.
I'm closing this issue for now.
frioux commented
I'll test it again today. Seeing as you did not make any changes I suspect you didn't actually test it (you press a key and wait for it to timeout, which then triggers the crash).
jeroennijhof commented
Yes I see when I use any input it works but with spaces or mouse movement it crashes indeed. Well at least I can replicate the issue, I'm on it.
frioux commented
Awesome! Let me know if you make progress, I'd love to use a screen lock again ⌣
jeroennijhof commented
Could you please try the latest commit? It should work now. The bug was in the conversation part...
frioux commented
sure, gimme a few minutes
frioux commented
I tried it out and I could no longer authenticate via the screensaver.
Should I restart X11 or something? I did restart the screensaver program...
frioux commented
Oh maybe the data files changed or something, ykvalidate doesn't work either; but sudo still does?
frioux commented
ok, so I removed and re-added my key with ykpasswd, and I still get frew: OTP is INVALID! and still cannot unlock the screensaver. Let me know what else I should try.
frioux commented
If you are on irc feel free to ping me; I'm frew on all the major networks.
jeroennijhof commented
When you do a make install it will overwrite all your permissions so you need to do the following:
$ sudo chgrp yubiauth /etc/yubikey /usr/local/sbin/yk_chkpwd
$ sudo chmod g+rw /etc/yubikey
$ sudo chmod 755 /usr/local/sbin/yk_chkpwd
$ sudo chmod g+s /usr/local/sbin/yk_chkpwd
jeroennijhof commented
Confirmed on IRC it was a permission issue and works with the new code!