
Re: (ITS#6918) #include statement unsafe



quanah@zimbra.com wrote:
> --On Monday, May 02, 2011 12:53 PM +0000 h.b.furuseth@usit.uio.no wrote:
>
>> hyc@symas.com writes:
>>> Nothing in the OpenLDAP code issues a truncate operation of any sort.
>>
>> There are several fopen(filename, "w") calls, which truncate the file.
>> Maybe the error confuses slapd so it takes a detour into one of them.

Irrelevant. In Windows the OS prevents you from writing to an executable file 
that is currently running. I.e., it is impossible for this to be the cause.

Try it yourself:

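#include <stdio.h>
/* Try to open this program's own executable for writing. */
int main(int argc, char *argv[]) {
	(void)argc;
	FILE *f=fopen(argv[0], "w");
	if (f) { printf("opened!\n"); fclose(f); }
	else printf("failed!\n");
	return 0;
}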

>> Quanah, can you provide a full slapd.conf and command line which causes
>> this?  Not that I have a Windows box to test it on, but still...
>
> The command line was just slapd.exe -d -1 -f slapd.conf
>
> The slapd.conf itself is fairly small.  The line that wrapped was the
> include for inetOrgPerson.  Everything obviously stopped when it hit the
> wrapped include.
>
> ucdata-path     "/opt/zimbra/openldap/ucdata"
> include         "/opt/zimbra/openldap/etc/openldap/schema/core.schema"
> include         "/opt/zimbra/openldap/etc/openldap/schema/cosine.schema"
> include
> "/opt/zimbra/openldap/etc/openldap/schema/inetorgperson.schema"

Yes, but since "everything obviously stopped" there's nothing in slapd that 
fopen's any files from that point.

First of all, this problem cannot be specific to the include statement, since 
the input validation will reject the line before ever going anywhere near the 
code for include handling. So, you ought to be able to reproduce this issue 
using any config statement that requires a single argument.

Second, slapd stops all parsing and simply exits when it hits a config error. 
And this is early enough in the config file that nothing else has been 
initialized yet, so the teardown processing has very little to do.

If you still believe it's happening inside slapd the obvious thing to do to 
track this is to run slapd under gdb and set a few breakpoints. E.g., one at 
the end of the config parser, and one at slapd's call to exit(). At each 
breakpoint, check the filesize of the slapd.exe.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
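
Added example, not part of the original message and not OpenLDAP source: a simplified model of the ordering described above, in which a directive's argument count is checked before its handler runs and parsing stops at the first error. The directive table, function names and sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Simplified model, not OpenLDAP source: directives with required arg counts. */
static int handler_calls;                 /* how many handlers actually ran */
static int on_directive(const char *arg) { (void)arg; handler_calls++; return 0; }

static const struct directive { const char *name; int nargs; int (*fn)(const char *); }
table[] = {
    { "include",     1, on_directive },
    { "ucdata-path", 1, on_directive },
};

/* Returns 0 if the line is accepted, -1 if validation rejects it. */
int parse_line(const char *line)
{
    char buf[256], *tok[4];
    int n = 0;
    if (snprintf(buf, sizeof buf, "%s", line) >= (int)sizeof buf) return -1;
    for (char *p = strtok(buf, " \t\r\n"); p && n < 4; p = strtok(NULL, " \t\r\n"))
        tok[n++] = p;
    if (n == 0) return 0;                              /* blank line */
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
        if (strcmp(tok[0], table[i].name) != 0) continue;
        if (n - 1 != table[i].nargs) return -1;        /* rejected before dispatch */
        return table[i].fn(tok[1]);
    }
    return -1;                                         /* unknown directive */
}

/* Stops at the first bad line; returns its index, or -1 if all lines parse. */
int parse_config(const char *const *lines, int count)
{
    for (int i = 0; i < count; i++)
        if (parse_line(lines[i]) != 0) return i;
    return -1;
}
/* Constructed sample mirroring the wrapped include quoted in the thread. */
static const char *const sample[] = {
    "ucdata-path \"/opt/zimbra/openldap/ucdata\"",
    "include \"/opt/zimbra/openldap/etc/openldap/schema/core.schema\"",
    "include",
    "\"/opt/zimbra/openldap/etc/openldap/schema/inetorgperson.schema\"",
};

int main(void)
{
    int idx = parse_config(sample, 4);
    printf("stopped at index %d, %d handlers ran\n", idx, handler_calls);
    return 0;
}
```

In this model the bare `include` is rejected by the argument-count check, so no handler runs for it, and a bare `ucdata-path` fails the same way.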