Full_Name: Jan Synacek Version: 2.4.30 OS: Fedora 16 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (209.132.186.34) I've created a small reproducer, that calls ldap_sasl_interactive_bind_s after it has been called once and failed, which causes a segfault. I've traced this bug with gdb: $ gdb ./reproducer GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16) Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /home/jsynacek/work/bz784989-openldap-rebinding/reproducer...done. (gdb) r Starting program: /home/jsynacek/work/bz784989-openldap-rebinding/reproducer [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". ldap_sasl_interactive_bind: user selected: GSSAPI ldap_int_sasl_bind: GSSAPI ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:636 ldap_new_socket: 7 ldap_prepare_socket: 7 ldap_connect_to_host: Trying ::1 636 ldap_pvt_connect: fd: 7 tm: -1 async: 0 TLS: error: tlsm_PR_Recv returned 0 - error 21:Is a directory TLS: error: connect - force handshake failure: errno 21 - moznss error -5938 TLS: can't connect: TLS error -5938:Encountered end of file. ldap_msgfree ldap_err2string bind failed: Can't contact LDAP server, retrying for fun and profit! ldap_sasl_interactive_bind: user selected: GSSAPI ldap_int_sasl_bind: GSSAPI Program received signal SIGSEGV, Segmentation fault. ldap_int_sasl_bind (ld=0x603130, dn=0x0, mechs=0x401a30 "GSSAPI", sctrls=0x0, cctrls=0x0, flags=1, interact=0x401660 <lutil_sasl_interact>, defaults=0x60cae0, result=0x0, rmech=0x7fffffffd878, msgid=0x7fffffffd88c) at ../../../libraries/libldap/cyrus.c:444 444 oldctx = ld->ld_defconn->lconn_sasl_authctx; (gdb) p ld->ldc->ldc_defconn $1 = (LDAPConn *) 0x0 If you set slapd to use TLS certs (uncomment the 'TLS*' lines in the config), there is no segfault. The reproducer and the config can be found here: URL1: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/reproducer.c URL2: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/cn=config.ldif
jsynacek@redhat.com wrote: > Full_Name: Jan Synacek > Version: 2.4.30 > OS: Fedora 16 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (209.132.186.34) > > > I've created a small reproducer, that calls ldap_sasl_interactive_bind_s after > it has been called once and failed, which causes a segfault. Fixed now in git master, thanks for the report. > > I've traced this bug with gdb: > $ gdb ./reproducer > > GNU gdb (GDB) Fedora (7.3.50.20110722-10.fc16) > Copyright (C) 2011 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later<http://gnu.org/licenses/gpl.html> > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. Type "show copying" > and "show warranty" for details. > This GDB was configured as "x86_64-redhat-linux-gnu". > For bug reporting instructions, please see: > <http://www.gnu.org/software/gdb/bugs/>... > Reading symbols from > /home/jsynacek/work/bz784989-openldap-rebinding/reproducer...done. > (gdb) r > Starting program: /home/jsynacek/work/bz784989-openldap-rebinding/reproducer > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > ldap_sasl_interactive_bind: user selected: GSSAPI > ldap_int_sasl_bind: GSSAPI > ldap_new_connection 1 1 0 > ldap_int_open_connection > ldap_connect_to_host: TCP localhost:636 > ldap_new_socket: 7 > ldap_prepare_socket: 7 > ldap_connect_to_host: Trying ::1 636 > ldap_pvt_connect: fd: 7 tm: -1 async: 0 > TLS: error: tlsm_PR_Recv returned 0 - error 21:Is a directory > TLS: error: connect - force handshake failure: errno 21 - moznss error -5938 > TLS: can't connect: TLS error -5938:Encountered end of file. > ldap_msgfree > ldap_err2string > bind failed: Can't contact LDAP server, retrying for fun and profit! > ldap_sasl_interactive_bind: user selected: GSSAPI > ldap_int_sasl_bind: GSSAPI > > Program received signal SIGSEGV, Segmentation fault. > ldap_int_sasl_bind (ld=0x603130, dn=0x0, mechs=0x401a30 "GSSAPI", sctrls=0x0, > cctrls=0x0, flags=1, > interact=0x401660<lutil_sasl_interact>, defaults=0x60cae0, result=0x0, > rmech=0x7fffffffd878, > msgid=0x7fffffffd88c) at ../../../libraries/libldap/cyrus.c:444 > 444 oldctx = ld->ld_defconn->lconn_sasl_authctx; > (gdb) p ld->ldc->ldc_defconn > $1 = (LDAPConn *) 0x0 > > If you set slapd to use TLS certs (uncomment the 'TLS*' lines in the config), > there is no segfault. > > The reproducer and the config can be found here: > URL1: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/reproducer.c > URL2: http://jsynacek.fedorapeople.org/openldap/rebind-segfault/cn=config.ldif > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Test moved from Incoming to Software Bugs
changed notes changed state Test to Release
changed notes changed state Release to Closed
fixed in master fixed in RE24