[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3948) slurpd crash in ldap_pvt_tls_destroy()

Full_Name: Hallvard B Furuseth
Version: HEAD
OS: Linux
Submission from: (NULL) (
Submitted by: hallvard

In test007, slurpd crashes in ldap_pvt_tls_destroy() during shutdown.
(The test succeeds anyway, it ignores slurpd's exit status.)
This is with OpenSSL 0.9.8, I'm not sure if it happens with 0.9.7.
Will test if nobody else does, but maybe not for a few days.

It happens in SSL_CTX_free() in ldap_pvt_tls_destroy() in main().
The stack trace is broken:
(gdb) bt
#0  0x00a14df9 in free () from /lib/tls/libc.so.6
#1  0xb7ec8597 in CRYPTO_free ()
   from /hbf/scratch/install/lib/libcrypto.so.0.9.8
#2  0x080af758 in ?? ()
#3  0x009affd4 in ?? () from /lib/ld-linux.so.2
#4  0x0806bf22 in ldap_int_tls_start (ld=0x6465ac3, conn=0x10ec8300,
    srv=0xff648b8b) at tls.c:1397
Previous frame inner to this frame (corrupt stack?)

If the SSL_CTX_free() call in tls.c or the ldap_pvt_tls_init_def_ctx()
call in slurpd/main.c is removed, slurpd does not crash.  I don't what
the effect of that is though.  I notice slapd/main.c does some
LDAP_OPT_X_TLS_CTX magic around its ldap_pvt_tls_init_def_ctx() call,
maybe slurpd should do something similar?