Connecting through PowerShell/PSRP using basic auth with invalid credentials causes a segfault in debug builds.
The problem is due to an invalid pointer dereference.
At the lowest level, when the error is posted, PostResult has the following lines at the end:

    Message_AddRef(&errorMsg->base);
    Strand_ScheduleAux(&self->strand, PROTOCOLSOCKET_STRANDAUX_POSTMSG);
    PostResultMsg_Release(errorMsg);

After calling Strand_ScheduleAux, the operation that was passed into InteractionProtocolHandler_Session_Connect has been freed (in debug builds, the memory block is filled with 0xdddddddddddddddd). This causes the segfault for the following reason:
1: MI_RESULT_ACCESS_DENIED gets returned to WsmanClient_New_Connector.
2: WsmanClient_New_Connector jumps to finished2 and posts another error result, but then returns MI_RESULT_OK to the caller.
3: InteractionProtocolHandler_Session_Connect receives the MI_RESULT_OK and attempts to continue, but it is referencing a stale memory pointer; it checks for a non-null pointer in one of the fields. In release builds, this check succeeds; the memory block is zero filled. In debug builds, the field is non-null (0xdddddddddddddddd) and the pointer is dereferenced, causing a segfault.
Returning MI_RESULT_OK appears to be suspect since it requires dereferencing a stale memory pointer. Alternatively, the operation is getting deleted when it should not be.
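The pattern described above, reduced to a small model, as an added example that is not code from OMI: it shows why a null check on a released operation only appears to work when freed memory is zero filled, and how propagating the failure status keeps the caller from touching the operation at all. All names (`Operation`, `connector_new`, `session_connect`, the `Result` values) are hypothetical stand-ins, and a static slot stands in for the heap so that the read after release stays well defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the types in the report; not OMI's definitions. */
typedef enum { RESULT_OK = 0, RESULT_ACCESS_DENIED = 2 } Result;
typedef struct { uintptr_t callbackContext; } Operation;

/* Static storage models the heap block, so reading it after "free" is defined. */
static Operation g_slot;

/* Model of the allocator's release: 0xDD fill (debug) or zero fill (release). */
static void op_release(Operation *op, unsigned char fill)
{
    memset(op, fill, sizeof *op);
}

/* Connector whose auth fails: posting the error releases the operation.
   masks_error = 1 models returning OK to the caller after posting the error. */
static Result connector_new(Operation *op, unsigned char fill, int masks_error)
{
    op_release(op, fill);
    return masks_error ? RESULT_OK : RESULT_ACCESS_DENIED;
}

/* Caller: returns 1 if it would go on to dereference a field of the
   released operation, 0 if it never reaches that dereference. */
static int session_connect(unsigned char fill, int masks_error)
{
    Operation *op = &g_slot;
    op->callbackContext = 0;

    if (connector_new(op, fill, masks_error) != RESULT_OK)
        return 0;   /* failure propagated: the operation is not touched again */

    /* Stale read: this check passes or fails depending on the fill pattern. */
    return op->callbackContext != 0;
}

int main(void)
{
    printf("masked error, 0xDD fill: deref=%d\n", session_connect(0xDD, 1));
    printf("masked error, zero fill: deref=%d\n", session_connect(0x00, 1));
    printf("propagated,   0xDD fill: deref=%d\n", session_connect(0xDD, 0));
    return 0;
}
```

In the masked-error case the zero-filled run reports no dereference, yet the caller still read released memory to reach that answer; only the propagated-status path avoids the stale read.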