Bug 677465

Summary: ns-slapd core dump in windows_tot_run if oneway sync is used
Product: Red Hat Enterprise Linux 6 Reporter: Rich Megginson <rmeggins>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.1CC: amsharma, benl, dpal, grzemba, jgalipea
Target Milestone: rcKeywords: screened
Target Release: ---   
Hardware: Unspecified   
OS: Other   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.8-0.3.a3.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 675113 Environment:
Last Closed: 2011-05-19 12:41:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 675113    
Bug Blocks: 639035, 656390, 676871    

Description Rich Megginson 2011-02-14 21:58:51 UTC 
+++ This bug was initially created as a clone of Bug #675113 +++

Description of problem:
if oneway Win sync 'fromWindows' is configured, windows_tot_run can core dump because uninitializied pointer dn and pb will freed.

Version-Release number of selected component (if applicable):
1.2.8.a1


How reproducible:
Setup winsync, oneway, fromWindows.


Steps to Reproduce:
1. Initialize Replica
2.
3.
  
Actual results:
ns-slapd core dump
The problem was observed in Solaris.


Expected results:


Additional info:
the pointer dn and pb have to initialized with NULL:

*** windows_tot_protocol.c      Fr Feb  4 11:55:46 2011
--- windows_tot_protocol.c.0    Mo Jan 10 11:45:26 2011
***************
*** 98,105 ****
  {
        int rc;
        callback_data cb_data;
!       Slapi_PBlock *pb = NULL;
!       char* dn = NULL;
        RUV *ruv = NULL;
        RUV *starting_ruv = NULL;
        Replica *replica = NULL;
--- 98,105 ----
  {
        int rc;
        callback_data cb_data;
!       Slapi_PBlock *pb;
!       char* dn;
        RUV *ruv = NULL;
        RUV *starting_ruv = NULL;
        Replica *replica = NULL;

--- Additional comment from rmeggins on 2011-02-14 14:26:39 EST ---

To ssh://git.fedorahosted.org/git/389/ds.git
   82b3621..cee5f05  master -> master
commit cee5f058e10b6379d12b643e03eed81ee22a937d
Author: Rich Megginson <rmeggins>
Date:   Mon Feb 14 12:21:19 2011 -0700
    Author: Carsten Grzemba <grzemba>
    Reviewed by: rmeggins
    Branch: master
    Fix Description: Init pb and dn to NULL to avoid free of uninit memory.
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no
To ssh://git.fedorahosted.org/git/389/ds.git
   8a15fd4..b6871e9  389-ds-base-1.2.8 -> 389-ds-base-1.2.8
commit b6871e9130c6c78d45d21f5019e3afb19fc2ea6f
Author: Rich Megginson <rmeggins>
Date:   Mon Feb 14 12:21:19 2011 -0700
Comment 2 Rich Megginson 2011-05-02 15:33:37 UTC 
to reproduce:
1) set up windows sync with a one way (fromWindows) sync agreement
2) add some user entries to AD
3) perform an initialization
4) verify the user entries are now in the directory server and the directory server is still running
Comment 3 Amita Sharma 2011-05-03 10:29:04 UTC 
VERIFIED without any crash.

It will be good if we can add an example to the section 10.8. Configuring Unidirectional Synchronization of Admin guide.
Comment 4 errata-xmlrpc 2011-05-19 12:41:43 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html