
Re: (ITS#7207) Re-binding to a failed connection segfaults



jsynacek@redhat.com wrote:
> Full_Name: Jan Synacek
> Version: 2.4.30
> OS: Fedora 16
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (209.132.186.34)
>
>
> I've created a small reproducer that calls ldap_sasl_interactive_bind_s after
> it has been called once and failed, which causes a segfault.

Fixed now in git master, thanks for the report.
>
> I've traced this bug with gdb:
> $ gdb ./reproducer
>
> GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16)
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later<http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-redhat-linux-gnu".
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>...
> Reading symbols from
> /home/jsynacek/work/bz784989-openldap-rebinding/reproducer...done.
> (gdb) r
> Starting program: /home/jsynacek/work/bz784989-openldap-rebinding/reproducer
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> ldap_sasl_interactive_bind: user selected: GSSAPI
> ldap_int_sasl_bind: GSSAPI
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP localhost:636
> ldap_new_socket: 7
> ldap_prepare_socket: 7
> ldap_connect_to_host: Trying ::1 636
> ldap_pvt_connect: fd: 7 tm: -1 async: 0
> TLS: error: tlsm_PR_Recv returned 0 - error 21:Is a directory
> TLS: error: connect - force handshake failure: errno 21 - moznss error -5938
> TLS: can't connect: TLS error -5938:Encountered end of file.
> ldap_msgfree
> ldap_err2string
> bind failed: Can't contact LDAP server, retrying for fun and profit!
> ldap_sasl_interactive_bind: user selected: GSSAPI
> ldap_int_sasl_bind: GSSAPI
>
> Program received signal SIGSEGV, Segmentation fault.
> ldap_int_sasl_bind (ld=0x603130, dn=0x0, mechs=0x401a30 "GSSAPI", sctrls=0x0,
> cctrls=0x0, flags=1,
>      interact=0x401660<lutil_sasl_interact>, defaults=0x60cae0, result=0x0,
> 	rmech=0x7fffffffd878,
> 	msgid=0x7fffffffd88c) at ../../../libraries/libldap/cyrus.c:444
> 444                     oldctx = ld->ld_defconn->lconn_sasl_authctx;
> (gdb) p ld->ldc->ldc_defconn
> $1 = (LDAPConn *) 0x0
>
> If you set slapd to use TLS certs (uncomment the 'TLS*' lines in the config),
> there is no segfault.
>
> The reproducer and the config can be found here:
> URL1: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/reproducer.c
> URL2: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/cn=config.ldif
>
>


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/