Bug 239802

Summary: bind_sdb, ldap2zone segfaulting
Product: [Fedora] Fedora Reporter: Tomas Vanderka <tomas.vanderka>
Component: bindAssignee: Adam Tkac <atkac>
Status: CLOSED ERRATA QA Contact: Ben Levenson <benl>
Severity: high Docs Contact:
Priority: high    
Version: 6CC: ovasik
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: 9.4.1-4.fc7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-08 15:59:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 239149    
Bug Blocks: 240788    

Description Tomas Vanderka 2007-05-11 13:37:59 UTC 
Description:
bind_sdb and ldap2zone segfaulting when using ldap.

Version-Release number of selected component (if applicable):
bind-sdb-9.3.4-4.fc6

Additional info:
ldap.h is not correctly included during compilation, so ldap_* functions are 
implicitly declared like returning int (some of those return pointers, so on 
x86_64 the pointer is truncated to 32 bits -> segfault), package build 
finishes ok but binaries are broken. LDAP_DEPRECATED should be defined during 
compilation.

#rpmbuild -bi /usr/src/redhat/SPECS/bind.spec

gcc -fPIE -I/usr/src/redhat/BUILD/bind-9.3.4 -I./include -I./unix/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/lwres/include -I../../lib/lwres/unix/include -I../../lib/lwres/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/dns/include -I../../lib/dns/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/bind9/include -I../../lib/bind9/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/isccfg/include -I../../lib/isccfg/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/isccc/include -I../../lib/isccc/include -I/usr/src/redhat/BUILD/bind-9.3.4/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include   -D_REENTRANT   -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -I/usr/kerberos/include    -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing  -c 
ldapdb.c
ldapdb.c: In function 'ldapdb_getconn':
ldapdb.c:138: warning: implicit declaration of function 'ldap_unbind'
ldapdb.c: In function 'ldapdb_bind':
ldapdb.c:200: warning: implicit declaration of function 'ldap_open'
ldapdb.c:200: warning: assignment makes pointer from integer without a cast
ldapdb.c:214: warning: implicit declaration of function 'ldap_simple_bind_s'
ldapdb.c: In function 'ldapdb_search':
ldapdb.c:260: warning: implicit declaration of function 'ldap_search'
ldapdb.c:296: warning: implicit declaration of function 'ldap_get_values'
ldapdb.c:296: warning: assignment makes pointer from integer without a cast
ldapdb.c:301: warning: assignment makes pointer from integer without a cast
ldapdb.c:304: warning: implicit declaration of function 'ldap_value_free'
ldapdb.c:322: warning: assignment makes pointer from integer without a cast
Comment 1 Adam Tkac 2007-05-11 15:39:24 UTC 
(In reply to comment #0)
> finishes ok but binaries are broken. LDAP_DEPRECATED should be defined during 
> compilation.

Better solution is change functions to newer than using deprecated API

Regards, -A-
Comment 2 Adam Tkac 2007-05-18 14:35:39 UTC 
Needs more work than I think. You could download temporary solution with
LDAP_DEPRECATED macro before I rewrite affected parts of code.
http://people.redhat.com/atkac/test_srpms/bind-9.3.4-4.5.fc6.src.rpm

-A-
Comment 3 Adam Tkac 2007-05-21 13:30:59 UTC 
Could you please test proposed update?
http://people.redhat.com/atkac/test_srpms/bind-9.4.1-2.1.fc8.src.rpm

Thanks, -A-
Comment 4 Adam Tkac 2007-05-22 15:29:41 UTC 
Could be fixed in bind-9.3.4-5.fc6 which will be avaliable very soon. Please
tell me your feelings :)

Regards, Adam
Comment 5 Tomas Vanderka 2007-05-23 08:58:02 UTC 
Hi, i tried version from comment #3, there are still segfaults. There's one in 
ldap2zone at 'ttlvals = ldap_get_values(ld, e, "dNSTTL");'

bind_sdb segfaults if i use ldapuri like "ldap://host/dc=aaa,dc=bb" (no 
extensions) cause then data->lud->lud_exts is null at ldapdb.c:643
When i just put ???? at the end of uri, so there's an empty extension 
ldap_url_parse does not like it.

I also tried to put some random text as the extension ????sad but then the 
bind fails (i use anonymous bind so there's no bindpw or binddn)

Let me know if you need more info ...
Comment 6 Adam Tkac 2007-05-24 14:44:35 UTC 
In the end, I've used -DLDAP_DEPRECATED because it's no documentation about new
API, informed upstream about problems and open
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241224 :) .
bind-9.3.4-6.fc6 could work fine

Regards, Adam
Comment 7 Fedora Update System 2007-06-08 15:59:07 UTC 
bind-9.4.1-4.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.