[Date Prev][Date Next] [Chronological] [Thread] [Top]

sasl/db related runtime crash (ITS#1798)

To: openldap-its@OpenLDAP.org
Subject: sasl/db related runtime crash (ITS#1798)
From: kervin@blueprint-tech.com
Date: Sun, 5 May 2002 01:08:30 GMT

Full_Name: Kervin Pierre
Version: CVS
OS: rh7.2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (65.186.68.157)


This is a sasl error, but it causes a runtime crash in slapd, so I believe it's
pertinent to the list.

I suspect the issue has to do with cyrus sasl 2 ( tested with 2.1.2 ) harded
coded check for db3/db.h in its aclocal file before looking for db.h.  It then,
though, links against the most recent db library that it finds.  

Therefore it compiles against version 3 headers, but links against the most
recent ( in my case version 4 ), if you have both installed.

This is my guess, at least.  Also, at that time /etc/sasldb2 does not exist.  

at any rate, this causes a segfault in berkeleydb_open() in
'cyrus-sasl-2.1.2/sasldb/db_berkeley.c' taking slapd with it...

...
#else /* DB_VERSION_MAJOR < 3 */
    ret = db_create(mbdb, NULL, 0);
    if (ret == 0 && *mbdb != NULL)
    {
            ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, flags, 0660);
...

Segfault is at the open()

The end result is that ldapsearch reliabley crashes slapd if I don't use '-x'
flag.

(gdb) bt f
#0  0x00000000 in ?? ()
No symbol table info available.
#1  0x403bbdb4 in berkeleydb_open (utils=0x8200290, conn=0x81ff600, rdwr=0,
mbdb=0x40902e70) at db_berkeley.c:92
        path = 0x403bc880 "/etc/sasldb2"
        ret = 0
        cntxt = (void *) 0x81ff600
        getopt = (sasl_getopt_t *) 0x401252d0 <_sasl_conn_getopt>
        path = 0x403bc880 "/etc/sasldb2"
        cntxt = (void *) 0x81ff600
        getopt = (sasl_getopt_t *) 0x401252d0 <_sasl_conn_getopt>
#2  0x403bbf4a in _sasldb_getdata (utils=0x8200290, context=0x81ff600,
auth_identity=0x8201800 "kervin", 
    realm=0x82017f0 "bashful", propName=0x40022377 "userPassword",
out=0x40902f0c "", max_out=8192, out_len=0x40902f00)
    at db_berkeley.c:173
        result = 0
        key = 0x8201810 "kervin"
        key_len = 27
        dbkey = {data = 0x40902f04, size = 0, ulen = 1083190996, dlen =
1077653269, doff = 136315536, flags = 136320992}
        data = {data = 0x8201800, size = 136320992, ulen = 1083190948, dlen =
1076703272, doff = 0, flags = 0}
        mbdb = (DB *) 0x8201830
        key = 0x8201810 "kervin"
        key_len = 27
        dbkey = {data = 0x40902f04, size = 0, ulen = 1083190996, dlen =
1077653269, doff = 136315536, flags = 136320992}
        data = {data = 0x8201800, size = 136320992, ulen = 1083190948, dlen =
1076703272, doff = 0, flags = 0}
        mbdb = (DB *) 0x8201830
...
...

--Kervin

Prev by Date: RE: used unitialized (ITS#1797)
Next by Date: Re: sasl/db related runtime crash (ITS#1798)
Index(es):
- Chronological
- Thread