
(ITS #76) (ITS#79)



I have found out more about the coredump.
I can reproduce it using 'ldapsearch' using the following command line
(with my ldif file):

ldapsearch -v \
  -D 'cn=WWW/LDAP-Gateway,cn=fornax,ou=IT,ou=Admin,ou=Periphonics VPS Ltd.,c=GB,ou=Periphonics EMEA,o=Periphonics Corporation,dc=peri,dc=com' \
  -b 'c=GB,ou=Periphonics EMEA,o=Periphonics Corporation,dc=peri,dc=com' \
  -s base -a find 'objectclass=*'

It's caused when:
a) base DN is set to a value like
'ou=MyOrgU,ou=MyHigherOrgU,o=MyOrg,c=GB'
b) we are beginning a search with filter 'objectclass=*'
c) the DN we begin the search with is something like
'ou=MyHigherOrgU,o=MyOrg,c=GB'
  (so it's above the base. Does this even make sense?)
d) There is no DN entry in the database for
'ou=MyHigherOrgU,o=MyOrg,c=GB'
   but there is one for 'o=MyOrg,c=GB'
e) alias deref is set to always or search, i.e. we have to try aliases on
this.

There is a problem in derefDN in back-ldbm/alias.c where it is possible
that we break out of the first large alias search loop with newDN set to
NULL.
The second loop (which checks to see if there are any aliases left in
the remaining part of the DN, I guess) could call dn2entry_r with a NULL
DN. That's what causes the segfault.

I've got a fix that will stop the coredump, but I think it might break
the alias mechanism in more general ways. It basically consists of an
if (newDN != NULL) wrapper around the second alias search loop. If newDN
is set to null the derefDN routine then just returns the old DN. I have
no idea whether that behaviour is correct.
 
Here is a diff (I don't think it actually fixes behaviour, it just
prevents the coredump).
------------------------------ cut here -------------------------------
--- alias.c.orig        Thu Feb  4 18:49:52 1999
+++ alias.c     Thu Feb 18 21:29:48 1999
@@ -278,15 +278,17 @@
    * e.g. if we had started with dn = o=MyAliasedOrg,c=MyCountry the dn
would match
    * and the above loop complete but we would still be left with an
aliased DN.
    */
-  if ( (eNew = dn2entry_r( be, newDN, &matched )) != NULL) {
-    if ((eDeref = derefAlias_r( be, conn, op, eNew )) != NULL) {
-      free (newDN);
-      newDN = ch_strdup (eDeref->e_dn);
+  if (newDN != NULL) {
+    if ( (eNew = dn2entry_r( be, newDN, &matched )) != NULL) {
+      if ((eDeref = derefAlias_r( be, conn, op, eNew )) != NULL) {
+        free (newDN);
+        newDN = ch_strdup (eDeref->e_dn);
+        /* free reader lock */
+        cache_return_entry_r(&li->li_cache, eDeref);
+      }  
       /* free reader lock */
-      cache_return_entry_r(&li->li_cache, eDeref);
+      cache_return_entry_r(&li->li_cache, eNew);
     }
-    /* free reader lock */
-    cache_return_entry_r(&li->li_cache, eNew);
   }
   if (matched != NULL) free(matched);
   
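Review bot: the new outer test "if (newDN != NULL)" only skips the final lookup when newDN is NULL; nothing in this hunk records or reports that the earlier loop ended without a DN, so the failure is hidden rather than handled. Consider dealing with the NULL case where newDN is set to NULL (or adding an else branch with a comment stating what derefDN returns in that case), so the no-entry-above-base situation from the report gets a defined result instead of a silent fallthrough. Also check the trailing context line "if (matched != NULL) free(matched);": with the guard in place it can now run without dn2entry_r having been called here, so matched must already be NULL or still own a live allocation at that point. Minor: the added "}" that closes the derefAlias_r block carries trailing whitespace.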
------------------------------ cut here -------------------------------
 |  /  _ \ _ _| __ \          Dirk Niggemann 
 ' /  |   |  |  |   |         dirk-n@dircon.co.uk 
 . \  __ <   |  |   |         
_|\_\_| \_\___|____/