https://bugs.exim.org/show_bug.cgi?id=2813
--- Comment #6 from Jeremy Harris <jgh146exb@???> ---
Thanks for the stack dump. It looks like the pam library is calling free
on o pointer that was not malloc'd; possibly something the exim code thinks
it owns, or possibly a plain bug in the pam library.
The exim coding gets the handle passed to pam_authenticate() directly from
pam_start() as documented. That only leaves the other args to pam_start(),
which are presumably referenced by the pam object. I'd say this is a bug
in the library - the manpage I'm reading makes no mention of resttrictions
on the other values for pam_start() - in particular does not say the any must
be a malloc'd pointer and will be freed by the library.
We could experiment by copying various args into malloc'd memory, if you care -
but I don't think this is an Exim bug at this stage.
--
You are receiving this mail because:
You are on the CC list for the bug.