[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7469) MDB double free when slapcatting a subtree



--On Tuesday, December 11, 2012 1:07 AM +0000 openldap-its@OpenLDAP.org 
wrote:

zimbra@zre-ldap001:~$ valgrind /opt/zimbra/openldap/sbin/slapcat -F 
/opt/zimbra/data/ldap/config -b "" -s dc=com -l /tmp/blah.ldif
==3554== Memcheck, a memory error detector
==3554== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==3554== Using Valgrind-3.6.0.SVN and LibVEX; rerun with -h for copyright 
info
==3554== Command: /opt/zimbra/openldap/sbin/slapcat -F 
/opt/zimbra/data/ldap/config -b  -s dc=com -l /tmp/blah.ldif
==3554==
==3554== Invalid read of size 8
==3554==    at 0x66A63C4: __strspn_sse42 (smmintrin.h:510)
==3554==    by 0x4E681F8: ldap_pvt_strtok (string.c:92)
==3554==    by 0x499C4E: str2anlist (ad.c:936)
==3554==    by 0x47388B: parse_acl (aclparse.c:473)
==3554==    by 0x41A454: config_generic (bconfig.c:1825)
==3554==    by 0x42E1DB: config_set_vals (config.c:345)
==3554==    by 0x42E73A: config_add_vals (config.c:418)
==3554==    by 0x42F45B: config_parse_add (config.c:689)
==3554==    by 0x425A1B: config_add_internal (bconfig.c:5182)
==3554==    by 0x421E40: config_ldif_resp (bconfig.c:3990)
==3554==    by 0x453E2B: slap_response_play (result.c:507)
==3554==    by 0x455A44: slap_send_search_entry (result.c:1011)
==3554==  Address 0x6afc0f8 is 8 bytes inside a block of size 13 alloc'd
==3554==    at 0x4C275D8: malloc (vg_replace_malloc.c:236)
==3554==    by 0x509AFD5: ber_memalloc_x (memory.c:228)
==3554==    by 0x509B910: ber_strdup_x (memory.c:638)
==3554==    by 0x463B0E: ch_strdup (ch_malloc.c:121)
==3554==    by 0x499BA2: str2anlist (ad.c:924)
==3554==    by 0x47388B: parse_acl (aclparse.c:473)
==3554==    by 0x41A454: config_generic (bconfig.c:1825)
==3554==    by 0x42E1DB: config_set_vals (config.c:345)
==3554==    by 0x42E73A: config_add_vals (config.c:418)
==3554==    by 0x42F45B: config_parse_add (config.c:689)
==3554==    by 0x425A1B: config_add_internal (bconfig.c:5182)
==3554==    by 0x421E40: config_ldif_resp (bconfig.c:3990)
==3554==
==3554== Invalid read of size 8
==3554==    at 0x66A63AD: __strspn_sse42 (emmintrin.h:679)
==3554==    by 0x4E681F8: ldap_pvt_strtok (string.c:92)
==3554==    by 0x499E1F: str2anlist (ad.c:938)
==3554==    by 0x47388B: parse_acl (aclparse.c:473)
==3554==    by 0x41A454: config_generic (bconfig.c:1825)
==3554==    by 0x42E1DB: config_set_vals (config.c:345)
==3554==    by 0x42E73A: config_add_vals (config.c:418)
==3554==    by 0x42F45B: config_parse_add (config.c:689)
==3554==    by 0x425A1B: config_add_internal (bconfig.c:5182)
==3554==    by 0x421E40: config_ldif_resp (bconfig.c:3990)
==3554==    by 0x453E2B: slap_response_play (result.c:507)
==3554==    by 0x455A44: slap_send_search_entry (result.c:1011)
==3554==  Address 0xa57bbc8 is 40 bytes inside a block of size 46 alloc'd
==3554==    at 0x4C275D8: malloc (vg_replace_malloc.c:236)
==3554==    by 0x509AFD5: ber_memalloc_x (memory.c:228)
==3554==    by 0x509B910: ber_strdup_x (memory.c:638)
==3554==    by 0x463B0E: ch_strdup (ch_malloc.c:121)
==3554==    by 0x499BA2: str2anlist (ad.c:924)
==3554==    by 0x47388B: parse_acl (aclparse.c:473)
==3554==    by 0x41A454: config_generic (bconfig.c:1825)
==3554==    by 0x42E1DB: config_set_vals (config.c:345)
==3554==    by 0x42E73A: config_add_vals (config.c:418)
==3554==    by 0x42F45B: config_parse_add (config.c:689)
==3554==    by 0x425A1B: config_add_internal (bconfig.c:5182)
==3554==    by 0x421E40: config_ldif_resp (bconfig.c:3990)
==3554==
50c689a0 mdb_db_open: database "" cannot be opened, err 22. Restore from 
backup!
50c689a0 backend_startup_one (type=mdb, suffix=""): bi_db_open failed! (22)
slap_startup failed
==3554==
==3554== HEAP SUMMARY:
==3554==     in use at exit: 3,904,527 bytes in 46,449 blocks
==3554==   total heap usage: 89,842 allocs, 43,393 frees, 31,218,836 bytes 
allocated
==3554==
==3554== LEAK SUMMARY:
==3554==    definitely lost: 0 bytes in 0 blocks
==3554==    indirectly lost: 0 bytes in 0 blocks
==3554==      possibly lost: 0 bytes in 0 blocks
==3554==    still reachable: 3,904,527 bytes in 46,449 blocks
==3554==         suppressed: 0 bytes in 0 blocks
==3554== Rerun with --leak-check=full to see details of leaked memory
==3554==
==3554== For counts of detected and suppressed errors, rerun with: -v
==3554== ERROR SUMMARY: 8 errors from 2 contexts (suppressed: 59 from 5)

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration