Re: (ITS#5435) Seg. fault due to dereference of NULL ConfigReply * arguments.
On Tue, 18 Mar 2008, Howard Chu wrote:
> rein@basefarm.no wrote:
>> Full_Name: Rein Tollevik
>> Version: 2.4.8
>> OS:
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (84.215.2.34)
>>
>>
>> Functions in servers/slapd/back-bdb/init.c dereference their ConfigReply *
>> arguments without testing that they are non-NULL first, which causes seg.
>> faults.
>
> Obviously this should never happen. Please provide the stack trace from such
> an occurrence.
It happens if the glue overlay is used; backend_startup_one() is called
with a NULL ConfigReply * in glue_open() as the stack frame below shows.
This might be the real bug, but testing that the ConfigReply * is non-NULL
(as is done in other backend modules) sounds like the right thing to do
anyhow. Some of the overlay modules also call backend_startup_one() with
a NULL second argument, and back-bdb/config.c calls bi_db_open() the same
way.
Rein
(gdb) where
#0 bdb_db_open (be=0x7f86a0, cr=0x0) at init.c:106
#1 0x00000000004bfe0a in over_db_func (be=0x7f86a0, cr=0x0, which=db_open)
   at backover.c:55
#2 0x00000000004c030a in over_db_open (be=0x7f86a0, cr=0x0) at backover.c:176
#3 0x000000000044a479 in backend_startup_one (be=0x7f86a0, cr=0x0)
   at backend.c:224
#4 0x00000000004beaf5 in glue_open (bi=0x7e8850) at backglue.c:653
#5 0x000000000044a62f in backend_startup (be=0x7f8100) at backend.c:255
#6 0x000000000047660c in slap_startup (be=0x7f8100) at init.c:225
#7 0x00000000004c728f in slap_tool_init (progname=0x53fca8 "slapcat", tool=2,
   argc=5, argv=0x7fbffffb78) at slapcommon.c:725
#8 0x00000000004c5836 in slapcat (argc=5, argv=0x7fbffffb78) at slapcat.c:51
#9 0x0000000000417641 in main (argc=5, argv=0x7fbffffb78) at main.c:640
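
The call chain in the trace and the NULL test the report asks for, as an added example that is not part of the original message and is not OpenLDAP code. The Reply and Backend types and the model_* functions are simplified, hypothetical stand-ins for ConfigReply, the backend, over_db_func and glue_open; the directory values are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins, not the OpenLDAP definitions. */
#define MSG_LEN 256
typedef struct { int err; char msg[MSG_LEN]; } Reply;   /* models ConfigReply */
typedef struct Backend Backend;
typedef int (*db_func)(Backend *be, Reply *cr);
struct Backend { const char *dir; db_func db_open; };

/* Callee that tolerates cr == NULL: diagnostics go to a local Reply
 * instead of being written through a NULL pointer. */
static int model_db_open(Backend *be, Reply *cr)
{
    Reply local = { 0, "" };
    if (cr == NULL)
        cr = &local;              /* caller did not ask for a message */

    if (be->dir == NULL || be->dir[0] == '\0') {
        cr->err = -1;
        snprintf(cr->msg, sizeof(cr->msg), "model_db_open: no database directory");
        return cr->err;
    }
    cr->err = 0;
    cr->msg[0] = '\0';
    return 0;
}

/* Dispatcher that forwards cr unchanged, like frames #1 and #2 of the trace. */
static int model_over_db_open(Backend *be, Reply *cr)
{
    return be->db_open(be, cr);
}

/* Caller that has no Reply to offer, like frame #4 of the trace. */
static int model_glue_open(Backend *be)
{
    return model_over_db_open(be, NULL);
}

int main(void)
{
    Backend bad = { "", model_db_open }, good = { "/constructed/db", model_db_open };
    Reply r = { 0, "" };
    printf("NULL reply, bad dir:  %d\n", model_glue_open(&bad));
    printf("NULL reply, good dir: %d\n", model_glue_open(&good));
    printf("real reply, bad dir:  %d (%s)\n", model_over_db_open(&bad, &r), r.msg);
    return 0;
}
```

The error path is the one that matters here: it is where the callee writes into the reply, so it is the path that faults when the pointer is used unchecked.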