OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Incoming/6445
Full headers

From: h.b.furuseth@usit.uio.no
Subject: Duplicate free with back-relay + passwd op
Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Thu, 07 Jan 2010 17:42:20 +0000
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Duplicate free with back-relay + passwd op
Full_Name: Hallvard B Furuseth
Version: HEAD
OS: Linux
URL: 
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard


HEAD configured with CPPFLAGS=-DSLAP_NO_SL_MALLOC
./run test030-relay  with slapd under valgrind
Bad frees of op->o_req_ndn.bv_val and op->o_req_dn.bv_val:

    Invalid slap_sl_free()
       by 0x4864F1: do_extended (extended.c:187)
     Address 0xd8853a0 is 0 bytes inside a block of size 62 free'd
       by 0x487DAC: passwd_extop (passwd.c:321)
       by 0x486712: fe_extended (extended.c:225)
       by 0x486491: do_extended (extended.c:180)
    
    Invalid slap_sl_free()
       by 0x486515: do_extended (extended.c:189)
     Address 0xd8855d0 is 0 bytes inside a block of size 62 free'd
       by 0x487DFF: passwd_extop (passwd.c:325)
       by 0x486712: fe_extended (extended.c:225)
       by 0x486491: do_extended (extended.c:180)

The four backtraces are surrounded by:
       at 0x4A05A31: free (vg_replace_malloc.c:325)
       by 0x4E707E5: ber_memfree_x (memory.c:152)
       by 0x4B7157: slap_sl_free (sl_malloc.c:481)
       <...backtrace above...>
       by 0x4444F8: connection_operation (connection.c:1109)
       by 0x444A7D: connection_read_thread (connection.c:1245)
       by 0x4C1AFE2: ldap_int_thread_pool_wrapper (tpool.c:685)
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org