Bug 455073 - segfault in is_ad_subtype - nssldap to openldap
segfault in is_ad_subtype - nssldap to openldap
Product: Fedora
Classification: Fedora
Component: openldap (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Jan Zeleny
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-07-11 16:22 EDT by Zing
Modified: 2009-03-19 11:12 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-03-19 11:12:14 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
backtrace of segfault (8.39 KB, text/plain)
2008-07-11 16:26 EDT, Zing
no flags Details

  None (edit)
Description Zing 2008-07-11 16:22:54 EDT
Description of problem:
I can crash openldap fairly easily using nssldap.  Sometimes it's immediate,
sometimes I can get through 100's of queries (using the "id" command) before
openldap segfaults.

It looks like it always bombs in is_ad_subtype though. 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. the openldap directory populated with about 1500 users (ou=People,..) and
about 1500 groups (ou=groups,...)
2. setup system with authconfig to use ldap name lookups.
3. i have a script which calls "id <userid>" for all the users.

Actual results:
either immediately or eventually openldap segfaults.

Expected results:
no segfault.

Additional info:
i'll attach some more info...
Comment 1 Zing 2008-07-11 16:26:42 EDT
Created attachment 311616 [details]
backtrace of segfault
Comment 2 Zing 2008-07-11 16:36:37 EDT
base dc=mine,dc=us
timelimit 120
bind_timelimit 120
idle_timelimit 3600
nss_base_passwd ou=People,dc=mine,dc=us?one
nss_base_shadow ou=People,dc=mine,dc=us?one
nss_base_group  ou=Group,dc=mine,dc=us?one
uri ldap://ldapserver
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
Comment 3 Zing 2008-07-12 15:55:07 EDT
Well, I built openldap-2.4.10-2 from rawhide and so far I've done a couple
thousand queries with no segfaults.  Possibly the internal bdb upgrade to 4.6
helps/fixes the problem.
Comment 4 Jan Safranek 2008-07-16 07:34:04 EDT
I'd rather not rebase the internal bdb in middle of Fedora lifecycle, but I can
try to update openldap to openldap-2.4.10, which should fix the issue. I created
a test build for you at http://people.redhat.com/jsafrane/bugs/455073/, could
you please give it a try? Let me know if it works for you.
Comment 5 Zing 2008-07-16 22:26:11 EDT
Your right, that works. thanks.
Comment 6 Fedora Update System 2008-07-21 04:19:17 EDT
openldap-2.4.10-1.fc9 has been submitted as an update for Fedora 9
Comment 7 Fedora Update System 2008-07-23 03:20:59 EDT
openldap-2.4.10-1.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update openldap'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-6653
Comment 8 Fedora Update System 2008-08-07 19:51:06 EDT
openldap-2.4.10-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Admin XMLRPC Client 2009-03-19 03:36:55 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Note You need to log in before you can comment on or make changes to this bug.