From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041111 Firefox/1.0 Description of problem: It first occured with slapd deamon when I tried to run stress test on ldap-server. If one opens too may connection to slapd process, slapd will receive SEG_FAULT eventually Last message submitted to the log before the crash is: slapd[xxxx]: warning: cannot open /etc/hosts.allow: Too many open files When I started to investigate that, I find out, that crash happens du to the following bug in table_match function in tcp_wrappers: int table_match(...) { /*sh_cmd variable is declared but not initialized here*/ match=NO; ... if ((fp=open())!=0) { .... /*Initialize sh_cmd here*/ .... } else if (errno != ENOENT) { tcpd_warn() match = ERR; } if (match) { /*Use sh_cmd here*/ } .... } So, it was assumed by developer, that match variable should be equal to YES in later if, but it tests it as non-zero. The following patch fixes this problem: --- tcp_wrappers_7.6/hosts_access.c.orig 2004-11-29 15:16:26.532074984 +0300 +++ tcp_wrappers_7.6/hosts_access.c 2004-11-29 15:15:47.500008760 +0300 @@ -177,7 +177,7 @@ tcpd_warn("cannot open %s: %m", table); match = ERR; } - if (match) { + if (match == YES) { if (hosts_access_verbose > 1) syslog(LOG_DEBUG, "matched: %s line %d", tcpd_context.file, tcpd_context.line); Version-Release number of selected component (if applicable): tcp_wrappers-7.6-37.2 How reproducible: Always Steps to Reproduce: 1.Make sure that you have hosts.allow and hosts.deny 2.Run slapd with DB large enough 3.Load it heavily, with something like this while /bin/true; do ldapsearch -x "objectClass=*" done Actual Results: slapd crashes Additional info:
Created attachment 107553 [details] should fix this issue After studying .spec file I'd like to add few more comments: 1) This bug was introduced by tcp_wrappers-7.6-sig.patch 2) Another misbehaviour was added by that patch in host_access function. Originally it's tail was: if (table_match(hosts_allow_table, request)) return (YES); if (table_match(hosts_deny_table, request)) return (NO); return (YES); After tcp_wrappers-7.6-sig.patch it turned to: if (table_match(hosts_allow_table, request)) return (YES); if (table_match(hosts_deny_table, request) == NO) return (YES); return (NO); But it should be: if (table_match(hosts_allow_table, request) == YES) return (YES); if (table_match(hosts_deny_table, request) == NO) return (YES); return (NO); Patch to tcp_wrappers-7.6-37.2 which will fix both issue is attached to this comment
Fixed in rawhide in rpm tcp_wrappers-7.6-39 or newer.