Bug 239754 - Samba4 test can crash FDS
Status: CLOSED NEXTRELEASE
Product: 389
Classification: Community
Component: Install/Uninstall
Version: 1.1.0beta
Hardware: All, OS: Linux
Priority: medium, Severity: medium
Assigned To: Nathan Kinder
QA Contact: Chandrasekar Kannan
Blocks: 240316
Reported: 2007-05-10 20:36 EDT by Andrew Bartlett
Modified: 2015-01-04 18:26 EST
Doc Type: Bug Fix
Last Closed: 2007-10-16 09:22:00 EDT
Samba4 patch which breaks FDS in selftest (648 bytes, patch)
2007-05-10 20:36 EDT, Andrew Bartlett
Description Andrew Bartlett 2007-05-10 20:36:30 EDT
Description of problem:
Invalid LDIF (such as in the patch for samba4 below)

Version-Release number of selected component (if applicable):
current cvs

How reproducible:
Every time

Steps to Reproduce:
1. Download and build Samba4
2. apply this patch
3. FEDORA_DS_PREFIX=/opt/fedora-ds TEST_LDAP=yes make test
  
Actual results:
FDS will fail to start, having segfaulted on the invalid input

Expected results:
FDS will fail to start, objecting to the invalid input

Additional info:
The failure is in the loading of the databases for the sub-suffixes.

If configured in the kernel, a core file will be left, which reveals this backtrace:

#0  ldbm_instance_find_by_name (li=0x996e5f0, name=0x0)
    at ./ldap/servers/slapd/intrinsics.h:97
97                      if ( ((l = (unsigned char)(*(src++))) >= 'A') && (l <= 'Z') )
(gdb) bt full
#0  ldbm_instance_find_by_name (li=0x996e5f0, name=0x0)
    at ./ldap/servers/slapd/intrinsics.h:97
        inst_obj = (Object *) 0x99843d8
        inst = (ldbm_instance *) 0x99bbbd8
#1  0x4056c719 in ldbm_instance_add_instance_entry_callback (pb=0x0, 
    entryBefore=0x99c7558, entryAfter=0x0, returncode=0x0, returntext=0x0, 
    arg=0x996e5f0) at ldap/servers/slapd/back-ldbm/ldbm_instance_config.c:824
        instance_name = 0x0
        inst = <value optimized out>
        li = <value optimized out>
        rc = <value optimized out>
#2  0x40565cef in ldbm_config_read_instance_entries (li=0x996e5f0, 
    backend_type=0x996fc98 "ldbm database")
    at ldap/servers/slapd/back-ldbm/ldbm_config.c:1260
        tmp_pb = (Slapi_PBlock *) 0x99ba9f0
        basedn = "cn=ldbm database, cn=plugins, cn=config\000Q�R", '\0' <repeats
33 times>, "0\000\000\000\000\000\000\000��^\000Q�R", '\0' <repeats 29 times>,
"Q�R\000\030\000\000\000\000\000\000\000��^\000\001\000\000\000�C\230\t\000\000\000\a�_a\000�C\230\t\020\000\000\000�\206޿��^\000
qa\000N�R\000\000\000\000\000\030\000\000\000\001\000\000\000�\236\233\t\000\000\000\003�_a\000\220\236\233\tN�R\000\000\000\000\000\021\000\000\000\001\000\000\000(�\233\t�C\230\003�_a\000Q�R\000
�\233\t \207"...
        entries = (Slapi_Entry **) 0x99bc500
#3  0x40566cf5 in ldbm_config_load_dse_info (li=0x996e5f0)
    at ldap/servers/slapd/back-ldbm/ldbm_config.c:1320
        search_pb = <value optimized out>
        entries = (Slapi_Entry **) 0x991e880
        res = 0
        dn = "cn=config, cn=ldbm database, cn=plugins,
cn=config\000\200n�j��d��\025�~I@��F\037\211B�\030�͹�y\231\236w���P�\031\005\"\000\000\000Pqa\000(�޿/�\027\005�\231\233\t
\000\000\0000qa\000\026\000S\000 qa\000!\000\000\000 �\233\t�\231\233\t�_a\000
\000\000\0003%\n@\b�޿\005�R\000
\000\000\000h�\027\005P�\031\005\0012b\0003%\n@(�޿h�\027\005\0012b\000Zb�t\000\216=@P�\031\005"...
#4  0x4057c7f8 in ldbm_back_start (pb=0x99c2be0)
    at ldap/servers/slapd/back-ldbm/start.c:66
        li = (struct ldbminfo *) 0x996e5f0
        home_dir = <value optimized out>
        action = <value optimized out>
        retval = <value optimized out>
        initialized = 0
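
The failure mode in the backtrace above (a NULL instance name reaching a case-folding comparison) next to the expected behaviour of rejecting the entry with a diagnostic, as an added example. This is not 389 DS code: the types, function names, return codes and the duplicate check are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins, not 389 DS types or return codes. */
struct instance { const char *name; };
enum load_rc { LOAD_OK, LOAD_DUPLICATE, LOAD_INVALID_ENTRY };

/* ASCII case-insensitive equality; like any such loop it faults on NULL. */
static int name_eq_nocase(const char *a, const char *b)
{
    for (;; a++, b++) {
        unsigned char x = (unsigned char)*a, y = (unsigned char)*b;
        if (x >= 'A' && x <= 'Z') x += 'a' - 'A';
        if (y >= 'A' && y <= 'Z') y += 'a' - 'A';
        if (x != y) return 0;
        if (x == '\0') return 1;
    }
}

/* Lookup that treats a NULL or empty name as "not found". */
const struct instance *find_instance(const struct instance *list, size_t n,
                                     const char *name)
{
    if (name == NULL || *name == '\0')
        return NULL;
    for (size_t i = 0; i < n; i++)
        if (name_eq_nocase(list[i].name, name))
            return &list[i];
    return NULL;
}

/* Load-time callback: name is NULL when the entry carried no instance name.
 * The entry is rejected with a message so startup fails with a diagnostic. */
enum load_rc add_instance_entry(const struct instance *list, size_t n,
                                const char *name, char *err, size_t errlen)
{
    err[0] = '\0';
    if (name == NULL || *name == '\0') {
        snprintf(err, errlen, "config entry has no instance name");
        return LOAD_INVALID_ENTRY;
    }
    if (find_instance(list, n, name) != NULL) {
        snprintf(err, errlen, "instance \"%s\" already defined", name);
        return LOAD_DUPLICATE;
    }
    return LOAD_OK;
}
```

Checking the name in both the caller and the lookup means a later caller that skips validation still cannot reach the comparison loop with a NULL pointer.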
Comment 1 Andrew Bartlett 2007-05-10 20:36:30 EDT
Created attachment 154508
Samba4 patch which breaks FDS in selftest
Comment 2 Andrew Bartlett 2007-05-11 00:55:09 EDT
I should also note that attempting to introduce this error after the server had
started for the first time would result in an error, not a crash.

The server is not started in the inf file, with 'start_server= 0', so I wonder
if the very first load is presumed to be 'safe', having been generated by the
ds_newinst tool. 
Comment 5 Rich Megginson 2007-10-05 11:10:43 EDT
Andrew, have you tried to reproduce this problem with the latest Fedora DS 1.1?
 The way setup works now is quite different.
Comment 6 Andrew Bartlett 2007-10-16 02:38:16 EDT
A simple application of that patch to current SVN of Samba4 and current Fedora
DS doesn't crash.  I could retry with the older code, but we don't have
ds_newinst any more. 

Let's call this one fixed...
