Bug 237038 - net-mgmt/wmi-client: smb_panic()] PANIC: internal error
Summary: net-mgmt/wmi-client: smb_panic()] PANIC: internal error
Status: In Progress
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Many People
Assignee: Alexey Dokuchaev
Depends on:
Reported: 2019-04-05 10:47 UTC by Frank Brendel
Modified: 2021-04-30 07:07 UTC (History)
2 users (show)

See Also:
koichiro: maintainer-feedback+

wmic with debuglevel 10 (10.51 KB, text/plain)
2021-04-30 07:06 UTC, Frank Brendel
no flags Details
wmic.core gdb backtrace (6.90 KB, text/plain)
2021-04-30 07:07 UTC, Frank Brendel
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Frank Brendel 2019-04-05 10:47:51 UTC
The wmic command crashes with the error

[lib/util/fault.c:163:fault_report()] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[lib/util/fault.c:164:fault_report()] INTERNAL ERROR: Signal 10 in pid 721 (4.0.0tp4-SVN-build-UNKNOWN)[lib/util/fault.c:165:fault_report()] 
Please read the file BUGS.txt in the distribution
[lib/util/fault.c:166:fault_report()] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[lib/util/fault.c:144:smb_panic()] PANIC: internal error
Abort (core dumped)

and a wmic.core is dumped.

To reproduce it run
  wmic -U domain/Administrator //host.local "select * from Win32_ComputerSystem"

After entering the password it crashes.
With a wrong password it returns 'NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied' as expected.

This happens on a freshly installed amd64 FreeBSD 11.2 and 12.0 respectively.

The wmic command succeeded on CentOS 7 with wmic-4.0.0tp4-0.x86_64.rpm from rpmfind.net.
Comment 1 KIKUCHI Koichiro 2019-04-08 11:38:27 UTC
I've tested on FreeBSD 11.1 and 11.2 with wmic installed from official package repo and couldn't reproduse your issue.

please let me know

 - The version of the window you are using
 - How to install wmic
Comment 2 Frank Brendel 2019-04-08 14:54:53 UTC
The error occurs with Windows Server 2008 R2 and Windows Server 2012 R2.
Both are Active Directory members.

I have it installed as package (pkg install wmi-client) as well as from the ports (cd /usr/ports/net-mgmt/wmi-client/ && make install).
Comment 3 KIKUCHI Koichiro 2019-04-17 06:54:37 UTC
(In reply to Frank Brendel from comment #2)
Sorry for delay.

I've tested again with Windows 2008 R2 (non AD member) and Windows 2012 (AD member) hosts, but still couldn't reproduce it. 

Can you provide step by step reproduction procedure that contains setting up Windows.
Comment 4 Frank Brendel 2019-04-23 13:26:40 UTC
The Windows installations are more or less standard, nothing special.
Same subnet and firewalls off.

I found out that using an IP address instead of the hostname works.
Strange because host.local is resolvable.
Comment 5 commit-hook freebsd_committer 2021-04-29 10:51:23 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=92606b55b47cb4b6ad025638171123a4c0193565

commit 92606b55b47cb4b6ad025638171123a4c0193565
Author:     Alexey Dokuchaev <danfe@FreeBSD.org>
AuthorDate: 2021-04-29 10:48:02 +0000
Commit:     Alexey Dokuchaev <danfe@FreeBSD.org>
CommitDate: 2021-04-29 10:48:06 +0000

    net-mgmt/wmi-client: backport three fixes to nbtsocket.c from upstream
    to address some known issues with the port, namely:

      - Prevent segmentation fault in certain scenarios
      - Fix busy loop on empty UDP packet (CVE-2020-14303)
      - Plug memory leak in nbt_name_request_destructor()

    While here, remove needless .include <bsd.port.options.mk> and vocalize
    the installation command.

    Commits:        ebab6d6, 3cc0f1e
    Obtained from:  https://git.samba.org/?p=samba.git;a=history;f=libcli/nbt/nbtsocket.c
    PR:             237038

 net-mgmt/wmi-client/Makefile                       |  6 +-
 ...patch-Samba_source_libcli_nbt_nbtsocket.c (new) | 82 ++++++++++++++++++++++
 2 files changed, 84 insertions(+), 4 deletions(-)
Comment 6 Alexey Dokuchaev freebsd_committer 2021-04-29 10:55:20 UTC
(In reply to Frank Brendel from comment #4)
> I found out that using an IP address instead of the hostname works.
I think I've reproduced this, and tentatively tried to fix the port.  I know it's been a while, but if you could update your ports, reconduct your tests, and confirm, so we can close this PR, it would be great.
Comment 7 Frank Brendel 2021-04-29 15:18:34 UTC
Unfortunately, I get the same error with 1.3.16_4.
It has the same behavior: IP works, hostname not.
Comment 8 Alexey Dokuchaev freebsd_committer 2021-04-30 02:38:34 UTC
(In reply to Frank Brendel from comment #7)
> Unfortunately, I get the same error with 1.3.16_4.
Sorry to hear that, but is it now graceful error or still a crash with segfault?  If the latter, could you rebuild the port WITH_DEBUG=yes, catch the backtrace under gdb, and post it here?

> It has the same behavior: IP works, hostname not.
You might also run the program with --debuglevel 10 and see if it gives you any clue.  No need to post it here as it might contain private data or other sensitive information.
Comment 9 Frank Brendel 2021-04-30 07:06:54 UTC
Created attachment 224566 [details]
wmic with debuglevel 10
Comment 10 Frank Brendel 2021-04-30 07:07:45 UTC
Created attachment 224567 [details]
wmic.core gdb backtrace