Description of problem: Password change code in dirsrv crashes, tearing down the server. Difficult to reproduce.
Stack trace courtesy of Jan-Frode Myklebust:

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x582df4b0 (LWP 6328)]
    pw_val2scheme (val=0x0, valpwdp=0x582dea3c, first_is_default=1) at ldap/servers/slapd/pw.c:280
    280 if ( *val != PWD_HASH_PREFIX_START ||
    (gdb) bt
    #0 pw_val2scheme (val=0x0, valpwdp=0x582dea3c, first_is_default=1) at ldap/servers/slapd/pw.c:280
    #1 0x0ff250c0 in slapi_pw_find_sv (vals=0x108ba708, v=0x108ba7d8) at ldap/servers/slapd/pw.c:142
    #2 0x0dd98594 in ?? () from /usr/lib/dirsrv/plugins/libipa_pwd_extop.so
    #3 0x0ff1edc4 in plugin_call_exop_plugins (pb=0x108b8538, oid=0x0) at ldap/servers/slapd/plugin.c:393
    #4 0x100143fc in do_extended (pb=0x108b8538) at ldap/servers/slapd/extendop.c:300
    #5 0x1000f348 in connection_threadmain () at ldap/servers/slapd/connection.c:562
    #6 0x0f91ffc8 in _pt_root (arg=<value optimized out>) at ../../../mozilla/nsprpub/pr/src/pthreads/ptthread.c:221
    #7 0x0fd46e3c in start_thread (arg=<value optimized out>) at pthread_create.c:299
    #8 0x48106670 in clone () from /lib/libc.so.6
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb)
Created attachment 310466
Fix for segfault

The first argument of slapi_pw_find_sv is an array, not a pointer to a pointer. We must terminate the array or we can search through the memory until we reach the end of a segment and segfault.
Created attachment 310469
corrected patch

Created attachment 310476
also avoid memory leaks
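The array contract described in the fix comment above, as an added example that is not the attached patch or the project's code. `struct value`, `find_value`, `slots_until_null` and the demo functions are hypothetical stand-ins for the real types and for slapi_pw_find_sv, and the sample values are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-in for a stored password value; not the real Slapi_Value. */
struct value { const char *data; };

/* Hypothetical callee with the contract described in the fix: vals is a
 * NULL-terminated array of pointers. Returns 1 on a match, 0 otherwise.
 * Values whose data is NULL are skipped rather than dereferenced. */
int find_value(struct value **vals, const char *want)
{
    if (vals == NULL || want == NULL)
        return 0;
    for (size_t i = 0; vals[i] != NULL; i++)
        if (vals[i]->data != NULL && strcmp(vals[i]->data, want) == 0)
            return 1;
    return 0;
}

/* Counts slots read before a NULL terminator, giving up after `limit`
 * slots. The limit exists only so this demo stays in bounds; a loop like
 * the one in find_value has no limit and keeps reading. Returns -1 if no
 * terminator was seen. */
int slots_until_null(struct value **vals, size_t limit)
{
    for (size_t i = 0; i < limit; i++)
        if (vals[i] == NULL)
            return (int)i;
    return -1;
}

/* Models the bug: slot 0 is the caller's single pointer; slots 1..3 stand
 * for whatever happens to follow it in memory (constructed here). */
int demo_unterminated(void)
{
    struct value pw = { "constructed-hash" }, stray = { NULL };
    struct value *region[4] = { &pw, &stray, &stray, &stray };
    return slots_until_null(region, 4);
}

/* The fix pattern: a two-slot array with an explicit NULL terminator. */
int demo_terminated(const char *want)
{
    struct value pw = { "constructed-hash" };
    struct value *vals[2] = { &pw, NULL };
    return slots_until_null(vals, 2) == 1 && find_value(vals, want);
}
```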
ipa-1.1.0-3.fc8 has been submitted as an update for Fedora 8
ipa-1.1.0-4.fc9 has been submitted as an update for Fedora 9
ipa-1.1.0-3.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update ipa'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-5896
I've upgraded to 1.1.0-4 for Fedora 9 (x86_64) and am still having ns-slapd crash during password changes.

    # rpm -q ipa-server
    ipa-server-1.1.0-4.fc9.x86_64
    # uname -a
    Linux ruff.flusche.co 2.6.25.9-76.fc9.x86_64 #1 SMP Fri Jun 27 15:58:30 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x41992950 (LWP 9201)]
    0x000000392fc808f0 in strcmp () from /lib64/libc.so.6
    (gdb) bt
    #0 0x000000392fc808f0 in strcmp () from /lib64/libc.so.6
    #1 0x00007f95ec9dc093 in ?? () from /usr/lib64/dirsrv/plugins/libipa_pwd_extop.so
    #2 0x00007f95ec9dd778 in ?? () from /usr/lib64/dirsrv/plugins/libipa_pwd_extop.so
    #3 0x0000000000188f05 in plugin_call_exop_plugins (pb=0x1533f30, oid=0x150fc50 "1.3.6.1.4.1.4203.1.11.1") at ldap/servers/slapd/plugin.c:393
    #4 0x000000000041698f in do_extended (pb=0x1533f30) at ldap/servers/slapd/extendop.c:300
    #5 0x0000000000412086 in connection_threadmain () at ldap/servers/slapd/connection.c:562
    #6 0x0000003ee8e29aa3 in _pt_root (arg=<value optimized out>) at ../../../mozilla/nsprpub/pr/src/pthreads/ptthread.c:221
    #7 0x000000393080729a in start_thread (arg=<value optimized out>) at pthread_create.c:297
    #8 0x000000392fce42cd in clone () from /lib64/libc.so.6
ipa-1.1.0-3.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
ipa-1.1.0-4.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.