Bug 1166260 - cookie_change_info returns random negative number if there was no change in a tree
Summary: cookie_change_info returns random negative number if there was no change in a...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: 389-ds-base
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Noriko Hosoi
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-11-20 16:39 UTC by Nathan Kinder
Modified: 2015-03-05 09:37 UTC (History)
3 users (show)

Fixed In Version: 389-ds-base-1.3.3.1-10.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-05 09:37:25 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0416 normal SHIPPED_LIVE Important: 389-ds-base security, bug fix, and enhancement update 2015-03-05 14:26:33 UTC

Description Nathan Kinder 2014-11-20 16:39:42 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/47960

Setup: single master replication (M1 and C1)
Enabled plugins: Content Synchronization and Retro Changelog Plugin.

To retrieve a cookie I use this command:
{{{
ldapsearch -h localhost:1189 -D "cn=Directory Manager" -w Secret123 -b dc=example,dc=com -o ldif-wrap=no -E sync=ro | grep "1.3.6.1.4.1.4203.1.9.1.3" | awk '{print $4}' | base64 -d | colrm 1 3
}}}
I enabled plugins and restarted the servers. Then I ran several times the command to view the cookie on M1:

rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#-1259389152
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#-1476428000
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#-1677787360
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#-1728143584
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#-1669394656
...

Then I did some changes in the DIT, after each change I checked the cookie:
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#1
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#2
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#3
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#4
rhel7ds.brq.redhat.com:1189#cn=directory manager:dc=example,dc=com:(objectClass=*)#5
...

It looks like cookie_change_info is not initialized before the first change.

Comment 1 Viktor Ashirov 2014-11-28 16:40:12 UTC
There is also an integer overflow in cookie_change_info:

sync.h:70:      int cookie_change_info;

Retro Changelog Plugin uses unsigned long for storing changeNumber:

retrocl.h:60:typedef unsigned long changeNumber;

rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483646
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483647
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#-2147483648
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#-2147483647
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#-2147483646

Comment 3 Viktor Ashirov 2014-12-25 21:01:31 UTC
$ rpm -qa | grep 389
389-ds-base-debuginfo-1.3.3.1-10.el7.x86_64
389-ds-base-1.3.3.1-10.el7.x86_64
389-ds-base-libs-1.3.3.1-10.el7.x86_64

[1]  Right after enabling plugins and before making any change to the tree:
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#0

[2]  There is no integer overflow: 

rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483646
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483647
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483648
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#2147483649
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:

[3]  And it successfully wraps around 

rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#4294967294
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#4294967295
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#0
rhel7ds.brq.redhat.com:389#cn=directory manager:dc=example,dc=com:(objectClass=*)#1

Marking as VERIFIED

Comment 5 errata-xmlrpc 2015-03-05 09:37:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0416.html


Note You need to log in before you can comment on or make changes to this bug.