[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP crash upon modify error (ITS#2136)



Full_Name: Bruno Spieler
Version: 2.1.4
OS: Solaris 8
URL: 
Submission from: (NULL) (195.68.44.148)


Hi here

I've got a 2.1.4 Openldap software compiled on an UltraSparc under Solaris 8
with SUNWPro compiler, with DEBUG support, but no NEW_LOGGING define.

When I try to add an attribute (let's say description) to an entry, using a
value already present in this entry for this attribute, my OpenLDAP server
crashes.

The slapd is launched with a "-d" parameter

The problem is in the Debug macro which seems to map to lutil_debug() function
in "liblber/debug.c".
A call to vsnprintf is performed (HAVE_VSNPRINTF is defined) with a format
"bdb_modify_internal: %d %s\n" in file back-bdb/modify.c, but the '%s' is
associated with a string pointer ("*text" in my case, expected to contain a
human readable description of the error), which has been left to NULL by the
previous call to modify_add_values() (at least one control path in this function
does not set the text variable nor feed the error buffer).

My Solaris (my compiler ?) does not seem to like NULL string pointer. The
following program crashes for example (don't expect anything more clever from
strlen !):

#include <stdio.h>

main()
{
  printf("Hello %s\n", NULL);
}

By the way, after the crash has occured, the concerned back-end is not usable
anymore even if you restart the slapd : slapd seems to be waiting for a lock in
a transaction or whatever.
Using the great db_recover tool from SleepyCat solves the problem !