
Re: Crash on recursive rebind following referral (ITS#3359)



At 05:09 PM 10/8/2004, Kurt@OpenLDAP.org wrote:
>I believe your analysis is correct.  I have applied a
>fix based upon your suggestion to HEAD.  Please test.

I take that back, and have reverted the change. ldap_result()
is supposed to return 0 on timeout.  Changing that breaks things.

Kurt


>Thanks, Kurt
>
>At 06:14 PM 10/5/2004, ipuleston@SonicWALL.com wrote:
>>I've located the bug. On the 2nd referral there is a timeout waiting for the
>>reply from the server (not sure why just yet), and when that happens
>>function wait4msg() incorrectly returns result code 0 to ldap_result() which
>>takes this as success and so expects there to be a reply message. wait4msg()
>>should be returning -1 on a timeout, not 0.
>>
>>The following piece of code in wait4msg() is the culprit (it is still like
>>this in 2.2.17):
>>
>>    rc = ldap_int_select( ld, tvp );
>>
>>        .....
>>
>>    if ( rc == 0 || ( rc == -1 && (
>>            !LDAP_BOOL_GET(&ld->ld_options, LDAP_BOOL_RESTART)
>>            || errno != EINTR )))
>>    {
>>            ld->ld_errno = (rc == -1 ? LDAP_SERVER_DOWN :
>>                LDAP_TIMEOUT);
>>            return( rc );
>>    }
>>
>>That last line should be changed to:
>>            return( -1 );
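
The return convention discussed in this thread (0 on timeout, -1 on error, a positive value only when a message is available) means a caller may dereference the result only when the return value is positive. The following is an added example, not code from this thread or from OpenLDAP: it models that contract with plain select() on a local socket pair, and `struct reply`, `wait_reply`, `handle_one` and `run_case` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/select.h>
#include <sys/socket.h>

struct reply { char data[32]; };   /* hypothetical message type, not LDAPMessage */
char last_copy[32];                /* what the caller extracted, for inspection */

/* Convention from the thread: >0 reply stored in *out, 0 timeout, -1 error. */
static int wait_reply(int fd, struct timeval *tv, struct reply *buf, struct reply **out)
{
    fd_set rfds;
    FD_ZERO(&rfds);
    FD_SET(fd, &rfds);
    int rc = select(fd + 1, &rfds, NULL, NULL, tv);
    if (rc <= 0) return rc;        /* timeout or error: *out is left untouched */
    ssize_t n = read(fd, buf->data, sizeof buf->data - 1);
    if (n <= 0) return -1;         /* peer closed or read failed */
    buf->data[n] = '\0';
    *out = buf;
    return 1;
}

/* Caller side: only rc > 0 means there is a message to dereference. */
int handle_one(int fd, int timeout_ms)
{
    struct reply storage, *msg = NULL;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    int rc = wait_reply(fd, &tv, &storage, &msg);
    last_copy[0] = '\0';
    if (rc <= 0) return rc;        /* 0 is "no reply yet", not success */
    snprintf(last_copy, sizeof last_copy, "%s", msg->data);
    return rc;
}

/* Constructed scenario: a local socket pair stands in for the server link. */
int run_case(int server_replies)
{
    int sv[2], rc = -2;            /* -2: scenario setup failed */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return rc;
    if (!server_replies || write(sv[1], "reply", 5) == 5)
        rc = handle_one(sv[0], 50);
    close(sv[0]); close(sv[1]);
    return rc;
}

int main(void) { return run_case(0) == 0 && run_case(1) == 1 ? 0 : 1; }
```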