[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5311) Custom client searching cn=Monitor crashes SLAPD
Full_Name: Dave Horsfall
Version: 2.4.7 + ITS #5291 patch
OS: FreeBSD 6.2
URL: http://www.horsfall.org/slapd-crash/
Submission from: (NULL) (192.65.182.30)
We have a custom client called LGET (which is not much more than a fancy output
formatter based on the example code kicking around somewhere; I can provide the
source, but there's no way that it will compile anywhere but here) that reliably
crashes SLAPD when doing a search on "cn=Monitor".
Example:
lget -h localhost -b cn=monitor '(objectClass=*)' '*'
(May need to do this several times; it will crash eventually)
lget: Can't contact LDAP server
slapd.log:
Jan 8 10:37:33 mippet slapd[59883]: conn=14 fd=66 ACCEPT from
IP=127.0.0.1:52984 (IP=0.0.0.0:389)
Jan 8 10:37:33 mippet slapd[59883]: conn=14 op=0 SRCH base="cn=monitor" scope=2
deref=0 filter="(objectClass=*)"
Jan 8 10:37:33 mippet slapd[59883]: conn=14 op=0 SRCH attr=* +
This is sometimes followed by e.g.:
Jan 8 10:39:29 mippet slapd[83101]: ch_malloc of 1195801456 bytes failed
Although the debug shows traffic on the wire the client only shows a few blank
lines (but that's not really relevant).
Debug output in "debug.out.gz", and GDB output in "gdb.out".