Aiee, segfault! You should probably report this as a bug to the developer

Jean Pierre Sainfeld Sainfeld at broadcom.com
Fri Sep 7 06:51:04 WST 2007


Hi,
I would be thankful if somebody could help me with this issue.
The conditions of the test are as follows:
1) The test is done on the host or the target (X86, ARM9) respectively. It is done only on one side, i.e. to the localhost.
2) Code is dropbear 0.50 configured ./configure -prefix=/opt CFLAGS=-DDEBUG_TRACE
3) The standard host keys for rsa and dss are created using dropbearkey as specified.
4) The commands entered at the shell prompt are
    a) #./dropbear -v -E -p 500
    b) #./dbclient -v -p 500 root@localhost lsmod

I get a segfault message (see below).
The same set of commands on an X86 box (CentOS 4.0) works fine.

Could you give me some pointers on how to fix this?

Regards

Jean-Pierre Sainfeld
 
===========================================================
 
# ./dropbear -v -E -p 500 
TRACE: enter loadhostkeys
TRACE: enter buf_get_priv_key
TRACE: enter rsa_key_free
TRACE: leave rsa_key_free: key == NULL
TRACE: enter buf_get_rsa_priv_key
TRACE: enter buf_get_rsa_pub_key
TRACE: leave buf_get_rsa_pub_key: success
TRACE: leave buf_get_rsa_priv_key
TRACE: leave buf_get_priv_key
TRACE: enter buf_get_priv_key
TRACE: enter dsa_key_free
TRACE: enter dsa_key_free: key == NULL
TRACE: enter buf_get_dss_pub_key
TRACE: leave buf_get_dss_pub_key: success
TRACE: leave buf_get_priv_key
TRACE: leave loadhostkeys
TRACE: listensockets: 1 to try
 
TRACE: listening on ':500'
TRACE: enter dropbear_listen
TRACE: dropbear_listen: all interfaces
TRACE: socket() failed
TRACE: leave dropbear_listen: success, 1 socks bound
# ./dbl     cd ../bin
# ls
ash              egrep            login            rmdir
busybox          false            ls               sed
cat              fgrep            mkdir            sfts
chmod            grep             mknod            sh
cp               ip               more             sleep
date             ipaddr           mount            su
dbclient         ipcalc           mv               sync
dd               iplink           netstat          touch
df               iproute          ping             true
dropbearconvert  iptunnel         ps               umount
dropbearkey      kill             pwd              uname
echo             ln               rm               vi
# ./dbclient -v -p 500 root@localhost lsmod
TRACE: non-flag arg: 'root@localhost'
TRACE: non-flag arg: 'lsmod'
TRACE: user='root' host='localhost' port='500'
TRACE: enter connect_remote
TRACE: leave connect_remote: sock 3
 
TRACE: enter session_init
TRACE: setnonblocking: 4
TRACE: leave setnonblocking
TRACE: setnonblocking: 5
TRACE: leave setnonblocking
TRACE: kexinitialise()
TRACE: leave session_init
TRACE: enter ident_readln
TRACE: leave ident_readln: return 22
TRACE: remoteident: SSH-2.0-dropbear_0.50
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 20
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: DATAALLOWED=0
TRACE: -> KEXINIT
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 20
TRACE: <- KEXINIT
TRACE: enter recv_msg_kexinit
TRACE: cli_buf_match_algo: diffie-hellman-group1-sha1
TRACE: kex algo diffie-hellman-group1-sha1
TRACE: cli_buf_match_algo: ssh-rsa,ssh-dss
TRACE: hostkey algo ssh-rsa
TRACE: cli_buf_match_algo:
aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc
,blowfish-cbc
TRACE: enc c2s is  aes128-cbc
TRACE: cli_buf_match_algo:
aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc
,blowfish-cbc
TRACE: enc s2c is  aes128-cbc
TRACE: cli_buf_match_algo: hmac-sha1-96,hmac-sha1,hmac-md5
TRACE: hash c2s is  hmac-sha1-96
TRACE: cli_buf_match_algo: hmac-sha1-96,hmac-sha1,hmac-md5
TRACE: hash s2c is  hmac-sha1-96
TRACE: cli_buf_match_algo: none
TRACE: hash c2s is  none
TRACE: cli_buf_match_algo: none
TRACE: hash s2c is  none
TRACE: leave recv_msg_kexinit
TRACE: leave process_packet
TRACE: maybe_empty_reply_queue - no data allowed
TRACE: enter cli_sessionloop
TRACE: enter send_msg_kexdh_reply
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 30
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave cli_sessionloop: done with KEXINIT_RCVD
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: maybe_empty_reply_queue - no data allowed
TRACE: enter cli_sessionloop
TRACE: leave cli_sessionloop: kex_state != KEX_NOTHING
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 31
TRACE: enter recv_msg_kexdh_reply
TRACE: type is 1
TRACE: enter buf_getline
TRACE: leave buf_getline: failure
TRACE: failed reading line: prob EOF
 
Host 'localhost' is not in the trusted hosts file.
(fingerprint md5 e6:21:4c:27:07:6a:bf:a7:54:41:ff:cb:7b:bf:0c:7f)
Do you want to continue connecting? (y/n) y
TRACE: keybloblen 89, len 4482
TRACE: enter buf_get_pub_key
TRACE: enter rsa_key_free
TRACE: leave rsa_key_free: key == NULL
TRACE: enter buf_get_rsa_pub_key
TRACE: leave buf_get_rsa_pub_key: success
TRACE: leave buf_get_pub_key
TRACE: enter buf_put_pub_key
TRACE: enter buf_put_rsa_pub_key
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: leave buf_put_rsa_pub_key
TRACE: leave buf_put_pub_key
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: enter buf_verify
TRACE: enter buf_rsa_verify
TRACE: success!
TRACE: leave buf_rsa_verify: ret 0
TRACE: enter sign_key_free
TRACE: enter dsa_key_free
TRACE: enter dsa_key_free: key == NULL
TRACE: enter rsa_key_free
TRACE: leave rsa_key_free
TRACE: leave sign_key_free
TRACE: enter send_msg_newkeys
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 21
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: SENTNEWKEYS=1
TRACE: -> MSG_NEWKEYS
TRACE: leave send_msg_newkeys
TRACE: leave recv_msg_kexdh_init
TRACE: leave process_packet
TRACE: maybe_empty_reply_queue - no data allowed
TRACE: enter cli_sessionloop
TRACE: leave cli_sessionloop: kex_state != KEX_NOTHING
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 21
TRACE: <- MSG_NEWKEYS
TRACE: enter recv_msg_newkeys
TRACE: while SENTNEWKEYS=1
TRACE: enter gen_new_keys
TRACE: enter buf_putmpint
TRACE: leave buf_putmpint
TRACE: leave gen_new_keys
TRACE: kexinitialise()
TRACE:  -> DATAALLOWED=1
TRACE: leave recv_msg_newkeys
TRACE: leave process_packet
TRACE: enter cli_sessionloop
TRACE: enter send_msg_service_request: servicename='ssh-userauth'
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 5
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave send_msg_service_request
TRACE: leave cli_sessionloop: sent userauth service req
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: enter cli_sessionloop
TRACE: leave cli_sessionloop: fell out
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 6
TRACE: enter recv_msg_service_accept
TRACE: leave recv_msg_service_accept: done ssh-userauth
TRACE: leave process_packet
TRACE: enter cli_sessionloop
TRACE: enter cli_auth_getmethods
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 50
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave cli_auth_getmethods
TRACE: leave cli_sessionloop: sent userauth methods req
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: enter cli_sessionloop
TRACE: leave cli_sessionloop: fell out
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 51
TRACE: <- MSG_USERAUTH_FAILURE
TRACE: enter recv_msg_userauth_failure
TRACE: Methods (len 18): 'publickey,password'
TRACE: auth method 'publickey'
TRACE: auth method 'password'
TRACE: leave recv_msg_userauth_failure
TRACE: leave process_packet
TRACE: enter cli_sessionloop
TRACE: enter cli_auth_try
TRACE: enter cli_auth_pubkey
TRACE: leave cli_auth_pubkey-failure
TRACE: enter cli_auth_password
root@localhost's password: 
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 50
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave cli_auth_password
TRACE: cli_auth_try lastauthtype 4
TRACE: leave cli_auth_try
TRACE: leave cli_sessionloop: cli_auth_try
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: enter cli_sessionloop
TRACE: leave cli_sessionloop: fell out
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 52
TRACE: received msg_userauth_success
TRACE: leave process_packet
TRACE: enter cli_sessionloop
TRACE: enter setup_localtcp
TRACE: cli_opts.localfwds == NULL
TRACE: leave setup_localtcp
TRACE: enter setup_remotetcp
TRACE: cli_opts.remotefwds == NULL
TRACE: leave setup_remotetcp
TRACE: enter cli_send_chansess_request
TRACE: enter send_msg_channel_open_init()
TRACE: enter newchannel
TRACE: leave newchannel
TRACE: setnonblocking: 0
TRACE: leave setnonblocking
TRACE: leave send_msg_channel_open_init()
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 90
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave cli_send_chansess_request
TRACE: leave cli_sessionloop: running
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: check_close: writefd 0, readfd 0, errfd -1, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: enter cli_sessionloop
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 91
TRACE: enter recv_msg_channel_open_confirmation
TRACE: new chan remote 0 local 0
TRACE: setnonblocking: 1
TRACE: leave setnonblocking
TRACE: setnonblocking: 0
TRACE: leave setnonblocking
TRACE: setnonblocking: 2
TRACE: leave setnonblocking
TRACE: enter send_chansess_shell_req
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 98
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: leave send_chansess_shell_req
TRACE: leave recv_msg_channel_open_confirmation
TRACE: leave process_packet
TRACE: check_close: writefd 1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: enter cli_sessionloop
TRACE: enter write_packet
TRACE: empty queue dequeing
TRACE: leave write_packet
TRACE: check_close: writefd 1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: enter cli_sessionloop
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 95
TRACE: enter recv_msg_channel_extended_data
TRACE: enter recv_msg_channel_data
TRACE: length 232
TRACE: leave recv_msg_channel_data
TRACE: leave recv_msg_channel_extended_data
TRACE: leave process_packet
TRACE: check_close: writefd 1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 232
TRACE: enter cli_sessionloop
TRACE: enter writechannel fd 2
TRACE: enter sign_key_free
TRACE: enter dsa_key_free
TRACE: leave dsa_key_free
TRACE: enter rsa_key_free
TRACE: leave rsa_key_free
TRACE: leave sign_key_free
Aiee, segfault! You should probably report this as a bug to the
developer
TRACE: writechannel wrote 232
TRACE: leave writechannel
TRACE: check_close: writefd 1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: enter cli_sessionloop
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 96
TRACE: enter recv_msg_channel_eof
TRACE: check_close: writefd 1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: CLOSE some fd 1
TRACE: leave recv_msg_channel_eof
TRACE: leave process_packet
TRACE: check_close: writefd -1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: CLOSE some fd -1
TRACE: enter cli_sessionloop
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 98
TRACE: enter recv_msg_channel_request
TRACE: enter cli_chansessreq
TRACE: got exit-status of '1'
TRACE: leave recv_msg_channel_request
TRACE: leave process_packet
TRACE: check_close: writefd -1, readfd 0, errfd 2, sent_close 0,
recv_close 0
TRACE: writebuf size 0 extrabuf size 0
TRACE: CLOSE some fd -1
TRACE: enter cli_sessionloop
TRACE: enter read_packet
TRACE: enter decrypt_packet
TRACE: leave decrypt_packet
TRACE: leave read_packet
TRACE: enter process_packet
TRACE: process_packet: packet type = 97
TRACE: enter recv_msg_channel_close
TRACE: check_close: writefd -1, readfd 0, errfd 2, sent_close 0,
recv_close 1
TRACE: writebuf size 0 extrabuf size 0
TRACE: Sending MSG_CHANNEL_CLOSE in response to same.
TRACE: enter send_msg_channel_close
TRACE: enter cli_tty_cleanup
TRACE: leave cli_tty_cleanup: not in raw mode
TRACE: enter encrypt_packet()
TRACE: encrypt_packet type is 97
TRACE: enter writemac
TRACE: leave writemac
TRACE: enter enqueue
TRACE: leave enqueue
TRACE: leave encrypt_packet()
TRACE: CLOSE some fd 0
TRACE: CLOSE some fd 2