
(ITS#8660) slapd segmentation faults (relay backend and rwm overlay)



Full_Name: Vlado Nespor
Version: 2.4.44
OS: Red Hat el7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:67c:10ec:32d0::222)


We have experienced random slapd segmentation faults when the relay 
backend and rwm overlay were used in the configuration. After some 
time I could reproduce the segmentation fault on a slow client and 
with test queries, which were supposed to return a larger set of entries. 

I could trace the problem to a wrong pointer in the slap_writewait_play 
function in the openldap-2.4.44/servers/slapd/result.c file, and then 
further to the openldap-2.4.44/servers/slapd/back-relay/op.c file. After 
the addition of the sc_writewait pointer initialisation (see the patch 
below), the test queries returned correct results and random slapd 
segmentation faults disappeared.

With best regards,

Vlado Nespor


diff -rupN openldap-2.4.44/servers/slapd/back-relay/op.c
openldap-2.4.44_back-relay/servers/slapd/back-relay/op.c
--- openldap-2.4.44/servers/slapd/back-relay/op.c	2016-02-06 00:57:45.000000000
+0100
+++ openldap-2.4.44_back-relay/servers/slapd/back-relay/op.c	2017-02-07
15:09:55.046188340 +0100
@@ -97,6 +97,7 @@ relay_back_response_cb( Operation *op, S
 		(rcb)->rcb_sc.sc_next = (op)->o_callback;	\
 		(rcb)->rcb_sc.sc_response = relay_back_response_cb; \
 		(rcb)->rcb_sc.sc_cleanup = 0;			\
+		(rcb)->rcb_sc.sc_writewait = 0;			\
 		(rcb)->rcb_sc.sc_private = (op)->o_bd;		\
 		(op)->o_callback = (slap_callback *) (rcb);	\
 }
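
Review bot: the added `(rcb)->rcb_sc.sc_writewait = 0;` line covers this one member, but the macro still initialises the callback member by member (sc_next, sc_response, sc_cleanup, sc_writewait, sc_private), so any member added to the callback structure later will be left uninitialised in the same way. Consider clearing the whole `(rcb)->rcb_sc` structure at the top of the macro and then assigning only the non-zero members. A short comment above the macro noting that every member must be set would also help, since the report traces the crash to slap_writewait_play in result.c using a wrong pointer. Other places that fill in a callback by hand deserve the same check for sc_writewait.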