Bug 677465 - ns-slapd core dump in windows_tot_run if oneway sync is used
Summary: ns-slapd core dump in windows_tot_run if oneway sync is used
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.1
Hardware: Unspecified
OS: Other
unspecified
high
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On: 675113
Blocks: 639035 389_1.2.8 676871
TreeView+ depends on / blocked
 
Reported: 2011-02-14 21:58 UTC by Rich Megginson
Modified: 2015-01-04 23:46 UTC (History)
5 users (show)

Fixed In Version: 389-ds-base-1.2.8-0.3.a3.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 675113
Environment:
Last Closed: 2011-05-19 12:41:43 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2011:0533 0 normal SHIPPED_LIVE new package: 389-ds-base 2011-05-18 17:57:44 UTC

Description Rich Megginson 2011-02-14 21:58:51 UTC 
+++ This bug was initially created as a clone of Bug #675113 +++

Description of problem:
if oneway Win sync 'fromWindows' is configured, windows_tot_run can core dump because uninitializied pointer dn and pb will freed.

Version-Release number of selected component (if applicable):
1.2.8.a1


How reproducible:
Setup winsync, oneway, fromWindows.


Steps to Reproduce:
1. Initialize Replica
2.
3.
  
Actual results:
ns-slapd core dump
The problem was observed in Solaris.


Expected results:


Additional info:
the pointer dn and pb have to initialized with NULL:

*** windows_tot_protocol.c      Fr Feb  4 11:55:46 2011
--- windows_tot_protocol.c.0    Mo Jan 10 11:45:26 2011
***************
*** 98,105 ****
  {
        int rc;
        callback_data cb_data;
!       Slapi_PBlock *pb = NULL;
!       char* dn = NULL;
        RUV *ruv = NULL;
        RUV *starting_ruv = NULL;
        Replica *replica = NULL;
--- 98,105 ----
  {
        int rc;
        callback_data cb_data;
!       Slapi_PBlock *pb;
!       char* dn;
        RUV *ruv = NULL;
        RUV *starting_ruv = NULL;
        Replica *replica = NULL;

--- Additional comment from rmeggins on 2011-02-14 14:26:39 EST ---

To ssh://git.fedorahosted.org/git/389/ds.git
   82b3621..cee5f05  master -> master
commit cee5f058e10b6379d12b643e03eed81ee22a937d
Author: Rich Megginson <rmeggins>
Date:   Mon Feb 14 12:21:19 2011 -0700
    Author: Carsten Grzemba <grzemba>
    Reviewed by: rmeggins
    Branch: master
    Fix Description: Init pb and dn to NULL to avoid free of uninit memory.
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no
To ssh://git.fedorahosted.org/git/389/ds.git
   8a15fd4..b6871e9  389-ds-base-1.2.8 -> 389-ds-base-1.2.8
commit b6871e9130c6c78d45d21f5019e3afb19fc2ea6f
Author: Rich Megginson <rmeggins>
Date:   Mon Feb 14 12:21:19 2011 -0700
Comment 2 Rich Megginson 2011-05-02 15:33:37 UTC 
to reproduce:
1) set up windows sync with a one way (fromWindows) sync agreement
2) add some user entries to AD
3) perform an initialization
4) verify the user entries are now in the directory server and the directory server is still running
Comment 3 Amita Sharma 2011-05-03 10:29:04 UTC 
VERIFIED without any crash.

It will be good if we can add an example to the section 10.8. Configuring Unidirectional Synchronization of Admin guide.
Comment 4 errata-xmlrpc 2011-05-19 12:41:43 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html
Note You need to log in before you can comment on or make changes to this bug.