openldap-bugs December 2014

openldap-bugs@openldap.org

24 participants
95 discussions

Re: (ITS#7997) no-return-in-nonvoid-function dupent.c:367
by hyc＠symas.com 10 Dec '14

10 Dec '14

michael(a)stroeder.com wrote: > Full_Name: > Version: > OS: > URL: > Submission from: (NULL) (79.227.174.182) > > > Building slapo-dupent (contrib/) with strict warnings results in: > > no-return-in-nonvoid-function dupent.c:367 > > > Fixed in master -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#8001) Segmentation Fault in ldap_sync_*
by alexey＠kireyev.name 10 Dec '14

10 Dec '14

Full_Name: Alexey Kireyev Version: 2.4.40 OS: Ubuntu 14.04 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (98.118.88.65) If not all fields in ldap_sync_t manually set after ldap_sync_initialize, then any following calls might (and most probably will) ends in segmentation fault. Reason: ldap_sync_initialize doesn't zeroed newly allocated structure (it does it for pre-existing, though, which is wrong by itself in my view) -------------------------------------------------------------------------------------------------------- >From 01149a2eba9f463261d88e5a1ce43e19c4a323cf Mon Sep 17 00:00:00 2001 From: Alexey Kireyev <alexey(a)kireyev.name> Date: Wed, 10 Dec 2014 14:37:16 -0500 Subject: [PATCH] Newly allocated ldap_sync_t has to be zero out --- libraries/libldap/ldap_sync.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/libraries/libldap/ldap_sync.c b/libraries/libldap/ldap_sync.c index e573c3b..e79153f 100644 --- a/libraries/libldap/ldap_sync.c +++ b/libraries/libldap/ldap_sync.c @@ -64,11 +64,10 @@ ldap_sync_initialize( ldap_sync_t *ls_in )D%D if ( ls == NULL ) { return NULL; } - - } else { - memset( ls, 0, sizeof( ldap_sync_t ) ); } + memset( ls, 0, sizeof( ldap_sync_t ) ); + ls->ls_scope = LDAP_SCOPE_SUBTREE; ls->ls_timeout = -1; -- 1.9.1 The attached patch file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Alexey Kireyev alexey(a)kireyev.name. I have not assigned rights and/or interest in this work to any party. I, Alexey Kireyev, hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.

1 0

(ITS#8000) Warnings building contrib overlay passwd/sha2
by michael＠stroeder.com 10 Dec '14

10 Dec '14

Full_Name: Version: RE24 OS: URL: Submission from: (NULL) (79.227.174.182) HI! I'm trying to package passwd/sha2 for openSUSE. The default compiler options in their build system results in these warnings: [ 193s] + CFLAGS='-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -fstack-protector -O2 -Wall -D_FORTIFY_SOURCE=2 -funwind-tables -fasynchronous-unwind-tables -g -Wno-format-extra-args -fno-strict-aliasing' [ 193s] + make -j4 sysconfdir=/etc/openldap libdir=/usr/lib libexecdir=/usr/lib [ 193s] ../../../../libtool --mode=compile gcc -g -O2 -Wall -I..%2.%./../../include -I../../../../include -I../../../../servers/slapd -c slapd-sha2.c [ 193s] ../../../../libtool --mode=compile gcc -g -O2 -Wall -I../../../../include -I../../../../include -I../../../../servers/slapd -c sha2.c [ 193s] mkdir .libs [ 193s] mkdir .libs [ 193s] mkdir: cannot create directory '.libs': File exists [ 193s] gcc -g -O2 -Wall -I../../../../include -I../../../../include -I../../../../servers/slapd -c sha2.c -fPIC -DPIC -o .libs/sha2.o [ 193s] gcc -g -O2 -Wall -I../../../../include -I../../../../include -I../../../../servers/slapd -c slapd-sha2.c -fPIC -DPIC -o .libs/slapd-sha2.o [ 193s] sha2.c: In function 'SHA256_Final': [ 193s] sha2.c:608:3: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] [ 193s] *(sha2_word64*)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount; [ 193s] ^ [ 193s] sha2.c: In function 'SHA512_Last': [ 193s] sha2.c:925:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] [ 193s] *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1]; [ 193s] ^ [ 193s] sha2.c:926:2: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] [ 193s] *(sha2_word64*)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0]; [ 193s] ^ [ 193s] gcc -g -O2 -Wall -I../../../../include -I../../../../include -I../../../../servers/slapd -c slapd-sha2.c -o slapd-sha2.o >/dev/null 2>&1 [ 193s] gcc -g -O2 -Wall -I../../../../include -I../../../../include -I../../../../servers/slapd -c sha2.c -o sha2.o >/dev/null 2>&1 [ 194s] ../../../../libtool --mode=link gcc -g -O2 -Wall -version-info 0:0:0 \ [ 194s] -rpath /usr/lib/openldap -module -o pw-sha2.la slapd-sha2.lo sha2.lo ../../../../libraries/libldap_r/libldap_r.la ../../../../libraries/liblber/liblber.la [ 194s] cc -shared .libs/slapd-sha2.o .libs/sha2.o -Wl,--rpath -Wl,/home/abuild/rpmbuild/BUILD/openldap-2.4.40/libraries/libldap_r/.libs -Wl,--rpath -Wl,/home/abuild/rpmbuild/BUILD/openldap-2.4.40/libraries/liblber/.libs -L/home/abuild/rpmbuild/BUILD/openldap-2.4.40/libraries/liblber/.libs ../../../../libraries/libldap_r/.libs/libldap_r.so ../../../../libraries/liblber/.libs/liblber.so -Wl,-soname -Wl,pw-sha2.so.0 -o .libs/pw-sha2.so.0.0.0 [ 194s] (cd .libs && rm -f pw-sha2.so.0 && ln -s pw-sha2.so.0.0.0 pw-sha2.so.0) [ 194s] (cd .libs && rm -f pw-sha2.so && ln -s pw-sha2.so.0.0.0 pw-sha2.so) [ 194s] ar cru .libs/pw-sha2.a slapd-sha2.o sha2.o [ 194s] ranlib .libs/pw-sha2.a [ 194s] creating pw-sha2.la Overall RPM build fails with: [ 262s] I: Program is likely to break with new gcc. Try -fno-strict-aliasing. [ 262s] W: openldap2 strict-aliasing-punning sha2.c:608, 925, 926

1 0

(ITS#7999) proxycache failed for bdb while testing
by yjd＠zjca.com.cn 10 Dec '14

10 Dec '14

Full_Name: edong Version: 2.4.40 OS: CentOS 6.6 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (60.190.254.10) BerkeleyDB version: 5.3.28 ./configure --enable-crypt --enable-lmpasswd --enable-spasswd --enable-modules --enable-backends=mod --enable-perl=no --enable-ndb=no --enable-overlays=mod --enable-dynamic The "make test" fails as follow3A3A ... Testing Bind caching Query 19: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com Query 20: (Bind should be cached) Refresh failed >>>>> test020-proxycache failed for bdb (exit 1) make[2]: *** [bdb-mod] Error 1 make[2]: Leaving directory `/root/Downloads/openldap-2.4.40/tests' make[1]: *** [test] Error 2 make[1]: Leaving directory `/root/Downloads/openldap-2.4.40/tests' make: *** [test] Error 2

1 0

Re: (ITS#7998) no-return-in-nonvoid-function noopsrch.c:145
by michael＠stroeder.com 10 Dec '14

10 Dec '14

As I read noopsrch_response there's a else {} clause missing. But I'm not sure.

1 0

(ITS#7998) no-return-in-nonvoid-function noopsrch.c:145
by michael＠stroeder.com 10 Dec '14

10 Dec '14

Full_Name: Version: RE24 OS: URL: Submission from: (NULL) (79.227.174.182) Building slapo- (contrib/) with strict warnings results in: no-return-in-nonvoid-function noopsrch.c:145

1 0

(ITS#7997) no-return-in-nonvoid-function dupent.c:367
by michael＠stroeder.com 10 Dec '14

10 Dec '14

Full_Name: Version: OS: URL: Submission from: (NULL) (79.227.174.182) Building slapo-dupent (contrib/) with strict warnings results in: no-return-in-nonvoid-function dupent.c:367

1 0

Re: (ITS#7968) SIGSEGV shortly after reconnection performed by syncrepl due to synchronization conflicts
by hyc＠symas.com 09 Dec '14

09 Dec '14

Leonid Yuriev wrote: > I saw that the master is lost some changes of the my original patch > (that was early attached to ITS). > > Please see attached diff. > I think it is a race condition around si_cookieState inside for-loop. Prove it. The fields being accessed inside the loop are for the pending values, and the pending mutex has already been acquired outside the loop. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7968) SIGSEGV shortly after reconnection performed by syncrepl due to synchronization conflicts
by leo＠yuriev.ru 09 Dec '14

09 Dec '14

This is a multi-part message in MIME format. --------------090602010509010401080002 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit I saw that the master is lost some changes of the my original patch (that was early attached to ITS). Please see attached diff. I think it is a race condition around si_cookieState inside for-loop. --------------090602010509010401080002 Content-Type: text/x-patch; name="its#7968-lost.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="its#7968-lost.patch" diff --git a/servers/slapd/syncrepl.c b/servers/slapd/syncrepl.c --- a/servers/slapd/syncrepl.c +++ b/servers/slapd/syncrepl.c @@ -958,15 +958,17 @@ do_syncrep2( ldap_pvt_thread_yield(); } + ldap_pvt_thread_mutex_lock( &si->si_cookieState->cs_mutex ); for ( i =0; i<si->si_cookieState->cs_pnum; i++ ) { if ( sid < si->si_cookieState->cs_psids[i] ) break; if ( si->si_cookieState->cs_psids[i] == sid ) { if ( ber_bvcmp( syncCookie.ctxcsn, &si->si_cookieState->cs_pvals[i] ) <= 0 ) { - ldap_pvt_thread_mutex_unlock( &si->si_cookieState->cs_pmutex ); bdn.bv_val[bdn.bv_len] = '\0'; Debug( LDAP_DEBUG_SYNC, "do_syncrep2: %s CSN pending, ignoring %s (%s)\n", si->si_ridtxt, syncCookie.ctxcsn->bv_val, bdn.bv_val ); + ldap_pvt_thread_mutex_unlock( &si->si_cookieState->cs_mutex ); + ldap_pvt_thread_mutex_unlock( &si->si_cookieState->cs_pmutex ); ldap_controls_free( rctrls ); rc = 0; goto done; @@ -983,6 +985,7 @@ do_syncrep2( (struct sync_cookie *)&si->si_cookieState->cs_pvals, i, sid, syncCookie.ctxcsn ); } + ldap_pvt_thread_mutex_unlock( &si->si_cookieState->cs_mutex ); assert( punlock < 0 ); punlock = i; } else if (si->si_too_old) { --------------090602010509010401080002--

1 0

Re: (ITS#7995) of-by-one error in schema
by hyc＠symas.com 09 Dec '14

09 Dec '14

Леонид Юрьев wrote: > (2) > But let see to lines 570-575 of mdb-back/attr.c and lines 764-772 of slapd/ad.c: > - does the mdb-value include a NUL byte = > https://github.com/leo-yuriev/openldap-lmdb-challenge/blob/2.4-devel/server… > - if "YES" then "+1" at slapd/ad.c:764 is wrong = > https://github.com/leo-yuriev/openldap-lmdb-challenge/blob/2.4-devel/server… > - but if "NO" then "strcpy()" at slapd/ad.c:772 (and more) is wrong = > https://github.com/leo-yuriev/openldap-lmdb-challenge/blob/2.4-devel/server… And the answer is no, back-mdb/attr.c mdb_ad_get() doesn't store the trailing NUL byte, > diff --git a/servers/slapd/ad.c b/servers/slapd/ad.c > index 246b900..fd60483 100644 > --- a/servers/slapd/ad.c > +++ b/servers/slapd/ad.c > @@ -118,7 +118,7 @@ AttributeDescription * ad_find_tags( > for (ad = type->sat_ad; ad; ad=ad->ad_next) > { > if (ad->ad_tags.bv_len == tags->bv_len && > - !strcasecmp(ad->ad_tags.bv_val, tags->bv_val)) > + !strncasecmp( ad->ad_tags.bv_val, tags->bv_val, ad->ad_tags.bv_len )) > break; > } Unnecessary. > ldap_pvt_thread_mutex_unlock( &type->sat_ad_mutex ); > @@ -742,14 +742,13 @@ int slap_bv2undef_ad( > /* use the appropriate type */ > if ( flags & SLAP_AD_PROXIED ) { > at = slap_schema.si_at_proxied; > - > } else { > at = slap_schema.si_at_undefined; > } > > for( desc = at->sat_ad; desc; desc=desc->ad_next ) { > if( desc->ad_cname.bv_len == bv->bv_len && > - !strcasecmp( desc->ad_cname.bv_val, bv->bv_val ) ) > + !strncasecmp( desc->ad_cname.bv_val, bv->bv_val, desc->ad_cname.bv_len) ) Unnecessary. We've already checked that the two lengths are equal; even if bv->bv_val is non-terminated the compare will stop because desc->ad_cname is terminated. > { > break; > } > @@ -769,7 +768,8 @@ int slap_bv2undef_ad( > > desc->ad_cname.bv_len = bv->bv_len; > desc->ad_cname.bv_val = (char *)(desc+1); > - strcpy(desc->ad_cname.bv_val, bv->bv_val); > + strncpy( desc->ad_cname.bv_val, bv->bv_val, desc->ad_cname.bv_len ) > + [desc->ad_cname.bv_len] = '\0'; This is a valid fix. > > /* canonical to upper case */ > ldap_pvt_str2upper( desc->ad_cname.bv_val ); > @@ -806,9 +806,10 @@ slap_bv2tmp_ad( > slap_sl_mfuncs.bmf_malloc( sizeof(AttributeDescription) + > bv->bv_len + 1, memctx ); > > - ad->ad_cname.bv_val = (char *)(ad+1); > - strncpy( ad->ad_cname.bv_val, bv->bv_val, bv->bv_len+1 ); > ad->ad_cname.bv_len = bv->bv_len; > + ad->ad_cname.bv_val = (char *)(ad+1); > + strncpy( ad->ad_cname.bv_val, bv->bv_val, ad->ad_cname.bv_len) > + [ad->ad_cname.bv_len] = '\0'; > ad->ad_flags = SLAP_DESC_TEMPORARY; > ad->ad_type = slap_schema.si_at_undefined; > Unnecessary. > @@ -887,7 +888,7 @@ an_find( > > for ( ; a->an_name.bv_val; a++ ) { > if ( a->an_name.bv_len != s->bv_len) continue; > - if ( strcasecmp( s->bv_val, a->an_name.bv_val ) == 0 ) { > + if ( strncasecmp( s->bv_val, a->an_name.bv_val, s->bv_len ) == 0 ) { > return( 1 ); > } > } Unnecessary. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

← Newer
1
2
3
4
5
6
7
8
9
10
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs December 2014