Bug 565664 - Incorrect parameter for CACHE_RETURN().
Summary: Incorrect parameter for CACHE_RETURN().
Alias: None
Product: 389
Classification: Retired
Component: Database - General
Version: 1.3.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Noriko Hosoi
QA Contact: Viktor Ashirov
: 565932 (view as bug list)
Depends On:
Blocks: 639035
TreeView+ depends on / blocked
Reported: 2010-02-15 21:12 UTC by Endi Sukma Dewata
Modified: 2015-12-07 16:46 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-12-07 16:46:10 UTC

Attachments (Terms of Use)
git patch file (id2entry.c) (1.26 KB, patch)
2010-02-16 00:47 UTC, Noriko Hosoi
no flags Details | Diff

Description Endi Sukma Dewata 2010-02-15 21:12:21 UTC
Incorrect parameter passing when calling CACHE_RETURN() would cause slapd to crash under certain conditions.

See ldap/servers/slapd/back-ldbm/id2entry.c line 196. The second parameter should be a pointer to pointer, but the current code passes a regular pointer:

    CACHE_RETURN(&inst->inst_dncache, bdn);

According to Noriko the correct code should be:

    CACHE_RETURN(&inst->inst_dncache, &bdn);

Comment 1 Noriko Hosoi 2010-02-16 00:47:25 UTC
Created attachment 394429 [details]
git patch file (id2entry.c)

Noriko reviewed the fix proposal by Endi.

Push the fix to master.
$ git merge work
Updating 508af98..107d40e
Fast forward
 ldap/servers/slapd/back-ldbm/id2entry.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
$ git push
Counting objects: 13, done.
Delta compression using 4 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 819 bytes, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   508af98..107d40e  master -> master

Comment 3 Noriko Hosoi 2010-02-17 18:13:07 UTC
*** Bug 565932 has been marked as a duplicate of this bug. ***

Comment 4 Noriko Hosoi 2011-07-27 00:55:42 UTC
Steps to verify
Add 1k entries and remove them.
If the server does not crash in the operations :), this bug is verified.

Comment 5 Amita Sharma 2011-07-28 11:55:27 UTC
Thanks Noriko :)

Added 1K entries and then removed them.
No crash found. hence marking as VERIFIED.

Note You need to log in before you can comment on or make changes to this bug.