Hide Forgot
Description of problem: nss_ldap currently segfaults immediately after first query (probably) because of referencing already freed memory, this is (probably) caused by memory clean-up in biparse.patch. This issue has quite small priority (since it can be fixed easily - in the worst case, memory cleaning will be disable), but it has quite serious impact. Version-Release number of selected component (if applicable): nss_ldap-253-47.el5 How reproducible: See comments. Steps to Reproduce: 1. setup slapd with posixAccount ldapuser 2. setup nss_ldap to lookup configures LDAP server 3. getent -s 'passwd:ldap' passwd ldapuser Actual results: ldapuser1:*:1001:1000:ldapuser1:/home/ldapuser1:/bin/bash *** glibc detected *** getent: free(): invalid pointer: 0x08376498 *** ======= Backtrace: ========= /lib/libc.so.6[0x5ec6d5] /lib/libc.so.6(cfree+0x59)[0x5ecb19] /lib/libnss_ldap.so.2[0xb51647] /lib/libnss_ldap.so.2[0xb5167e] /lib/libnss_ldap.so.2(_nss_ldap_db_close+0x18)[0xb516b8] /lib/libnss_ldap.so.2(_nss_ldap_free_config+0x64)[0xb51734] /lib/libnss_ldap.so.2(_nss_ldap_leave+0x47)[0xb49f97] /lib/libnss_ldap.so.2(_nss_ldap_getent+0x6b)[0xb4a58b] /lib/libnss_ldap.so.2(_nss_ldap_getpwent_r+0x58)[0xb4a9f8] /lib/libc.so.6[0x66782e] /lib/libc.so.6(getpwent_r+0xad)[0x613dfd] /lib/libc.so.6[0x6673f6] /lib/libc.so.6(getpwent+0x71)[0x613a61] getent[0x804abbb] getent[0x804a6c2] /lib/libc.so.6(__libc_start_main+0xdc)[0x598eac] getent[0x8049741] ======= Memory map: ======== ... Expected results: ldapuser1:*:1001:1000:ldapuser1:/home/ldapuser1:/bin/bash Additional info: Reproducer will be added shortly.
This issue is indeed caused by the parsing patch. Historically, nss_ldap never freed memory. In the patch, I attempted to free /all/ allocated memory, not just the allocations I did in the patch. Please dev_ack+ - I'll either fix the free calls or revert to the old behavior of not freeing memory. Any case, we won't be worse than what nss_ldap did in 5.7
Testing instructions: * install bind-utils, bind-chroot, latest openldap*, latest nss_ldap * wget http://nest.test.redhat.com/mnt/qa/scratch/omoris/reproducer/ * make -C reproducer run * when prompt "[test] " will pop-up, your testing environment is ready * when you finish testing, just exist spawned shell (C-D / logout) * test will bring a system into previous state
*** Bug 757172 has been marked as a duplicate of this bug. ***
This should better be included in nss_ldap 5.8 errata as soon as possible since it is blocking DNS SRV support which is claimed to appear in Beta (12-07?).
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0268.html