Bug 700557
Summary: | Linked attributes callbacks access free'd pointers after close | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Nathan Kinder <nkinder> | ||||||
Component: | Server - Plugins | Assignee: | Nathan Kinder <nkinder> | ||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 1.2.8 | CC: | amsharma | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | |||||||||
: | 700665 (view as bug list) | Environment: | |||||||
Last Closed: | 2015-12-07 16:34:57 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 639035, 700665 | ||||||||
Attachments: |
|
Description
Nathan Kinder
2011-04-28 16:35:37 UTC
This same issue actually applies to the following plug-ins: - DNA - Linked Attributes - Managed Entries - Auto Membership We should address this issue in all of these plug-ins. We need to unset the started flag in the close() callbacks, which needs to be done with the write lock on the config held. To prevent problems with waiting readers, we need to make all readers check if the started flag is set after they obtain a reader lock. This will deal with the case where the plug-in was stopped while a thread was waiting on a reader lock. We also need to be sure to NOT free the lock in the close() function so that these waiting readers don't crash the server. What is the scope of this work? Created attachment 495618 [details]
Patch
Pushed patch to master. Thanks to Rich for his review! Counting objects: 25, done. Delta compression using up to 2 threads. Compressing objects: 100% (13/13), done. Writing objects: 100% (13/13), 3.44 KiB, done. Total 13 (delta 8), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git c2c82cb..2210765 master -> master Pushed to 389-ds-base-1.2.8 branch. Counting objects: 21, done. Delta compression using up to 2 threads. Compressing objects: 100% (11/11), done. Writing objects: 100% (11/11), 2.90 KiB, done. Total 11 (delta 7), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 3bb70c1..ef51110 128-local -> 389-ds-base-1.2.8 Created attachment 495807 [details]
Additional patch
Fixes a minor leak introduced in the precious patch.
Pushed additional patch to master. Thanks to Rich for his review! Counting objects: 13, done. Delta compression using up to 2 threads. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 725 bytes, done. Total 7 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 2210765..c74a13d master -> master Tested : - Configure the linked attributes plug-in (attributes themselves don't matter). ldapmodify -x -h localhost -D "cn=directory manager" -w xxxxx -p 389 << EOF dn: cn=Linked Attributes,cn=plugins,cn=config changetype: modify replace: nsslapd-pluginEnabled nsslapd-pluginEnabled: on - Enable the memberOf plug-in. ldapmodify -x -h localhost -D "cn=directory manager" -w xxxxxx -p 389 << EOF dn: cn=MemberOf Plugin,cn=plugins,cn=config changetype: modify replace: nsslapd-pluginEnabled nsslapd-pluginEnabled: on ldapmodify -x -h localhost -D "cn=directory manager" -w xxxxxxxx -p 389 << EOF dn: cn=MemberOf Plugin,cn=plugins,cn=config changetype: modify replace: memberofattr memberofattr: memberOf ldapmodify -x -h localhost -D "cn=directory manager" -w xxxxxx -p 389 << EOF dn: cn=MemberOf Plugin,cn=plugins,cn=config changetype: modify replace: memberofgroupattr memberofgroupattr: uniqueMember service dirsrv restart - Import a sizeable database with many group memberships. 100 group entries with 5000 users should be sufficient if you have some of the groups have many members and have some groups be members of other groups (nested grouping). - Run the fixup-memberof.pl script to fire of a fixup task on the entire database, then immediately run 'service dirsrv stop'. /usr/lib64/dirsrv/slapd-rheltest/fixup-memberof.pl -v -D "cn=Directory Manager" -w xxxxx -b "ou=unix,dc=corp,dc=example,dc=com" No Crash found. |