(ITS#8457) back-sql: unordered entries combined with pagination gives wrong results
by matthias.hunstock@tu-ilmenau.de
Full_Name: Matthias Hunstock
Version: git HEAD
OS: Linux
URL: ftp://ftp.openldap.org/incoming/fix-sql-order.patch
Submission from: (NULL) (2001:638:904:bf:e544:e758:826b:80ce)
Back-SQL does not use any "ORDER BY" statements when querying for ldap entries.
If a client uses pagination, there is code that generates an optimized SQL
query with a WHERE clause like " AND ldap_entries.id > x " with x being the
highest id from the last paginated search result. As the DBMS gives results in
unsorted order, this leads to extremely reduced result sets because it is
randomly cut off.
The linked patch resolves the issue for us.
7 years, 3 months
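The effect described in ITS#8457, as an added example that is not code from back-sql or from the linked patch: a simplified model in which each page takes the first `page_size` rows matching `id > x`, run once in arbitrary row order and once sorted by id. The id list, function names and page size are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed sample: entry ids in the arbitrary order a DBMS may return them. */
static const long STORED_IDS[] = {7, 2, 9, 1, 5, 8, 3, 6, 4, 10};
#define N_IDS (sizeof STORED_IDS / sizeof STORED_IDS[0])

static int cmp_long(const void *a, const void *b)
{
    long x = *(const long *)a, y = *(const long *)b;
    return (x > y) - (x < y);
}

/* Simplified model of one page: rows matching "id > last_id", optionally
 * sorted by id, cut off after page_size rows. Returns the row count. */
static size_t fetch_page(long last_id, size_t page_size, int order_by_id, long *out)
{
    long rows[N_IDS];
    size_t n = 0, i;
    for (i = 0; i < N_IDS; i++)
        if (STORED_IDS[i] > last_id)
            rows[n++] = STORED_IDS[i];
    if (order_by_id)
        qsort(rows, n, sizeof rows[0], cmp_long);
    if (n > page_size)
        n = page_size;
    memcpy(out, rows, n * sizeof rows[0]);
    return n;
}

/* Page through everything; the next cursor is the highest id of the last page. */
size_t paged_search_total(size_t page_size, int order_by_id)
{
    long page[N_IDS], last_id = 0;
    size_t total = 0, n, i;
    while ((n = fetch_page(last_id, page_size, order_by_id, page)) > 0) {
        for (i = 0; i < n; i++)
            if (page[i] > last_id)
                last_id = page[i];
        total += n;
    }
    return total;
}

int main(void)
{
    printf("no ORDER BY: %zu, ORDER BY id: %zu\n", paged_search_total(3, 0), paged_search_total(3, 1));
    return 0;
}
```

Without ordering, the first page happens to contain id 9, so the next cursor skips every entry with a lower id that has not been returned yet.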
Re: (ITS#8452) LMDB: mdb_env_copyfd2 can deadlock due to missing mdb_env_cthr_toggle check
by lorenz@cloudflare.com
I did not know that! Thanks for your help.
--
Lorenz
7 years, 3 months
(ITS#8456) slapacl segfaults with mdb if object does not exists
by best@univention.de
Full_Name: Florian Best
Version: 2.4.42+dfsg-2.210.201511060842
OS: UCS 4.1-2
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (82.198.197.8)
Running the following command causes a segfault. There is no object for the DN
provided with "-b".
gdb --args slapacl -D uid=Administator,cn=users,dc=school,dc=local -b
uid=doesnotexists,dc=school,dc=local -d0 -u
jejectClass:univentionAdminUserSettings
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff013fbc8 in mdb_txn_begin () from /usr/lib/ldap/back_mdb.so
(gdb) bt
#0 0x00007ffff013fbc8 in mdb_txn_begin () from /usr/lib/ldap/back_mdb.so
#1 0x00007ffff3a3a8d0 in mdb_opinfo_get () from /usr/lib/ldap/back_mdb.so
#2 0x00007ffff013aac6 in mdb_entry_get () from /usr/lib/ldap/back_mdb.so
#3 0x0000000000498267 in overlay_entry_get_ov ()
#4 0x00000000004982e7 in ?? ()
#5 0x000000000043f236 in fe_acl_group ()
#6 0x000000000043cd28 in backend_group ()
#7 0x0000000000453d9c in slap_access_allowed ()
#8 0x00000000004980cd in ?? ()
#9 0x0000000000450d8c in access_allowed_mask ()
#10 0x000000000049f793 in slapacl ()
#11 0x00000000004160bf in main ()
7 years, 3 months
Re: (ITS#8452) LMDB: mdb_env_copyfd2 can deadlock due to missing mdb_env_cthr_toggle check
by h.b.furuseth@usit.uio.no
On 28. juni 2016 13:06, Lorenz Bauer wrote:
> I had a look at your changes, it seems like they obsolete my other bug report
> as well.
Good, I'll close that.
> At the same time, I think you are introducing a double free? In copyfd1, if
> memalign (and friends) fails you goto done, which then proceeds to free().
> Same for the case where CreateMutex or CreateFree return an error, since they
> happen before allocation, but also goto done.
In those cases the code leaves the HANDLE or pointer = NULL. free(NULL)
does nothing. The "done:" code omits CloseHandle when the handle is NULL.
Hmm. Unless failed posix_memalign() may put garbage in the destination
pointer. Probably not, but can tweak the code to be safe just in case.
--
Hallvard
7 years, 3 months
Re: (ITS#8452) LMDB: mdb_env_copyfd2 can deadlock due to missing mdb_env_cthr_toggle check
by lorenz@cloudflare.com
I had a look at your changes, it seems like they obsolete my other bug
report as well.
At the same time, I think you are introducing a double free? In copyfd1, if
memalign (and friends) fails you goto done, which then proceeds to free().
Same for the case where CreateMutex or CreateFree return an error, since
they happen before allocation, but also goto done.
--
Lorenz
On 28 June 2016 at 11:09, Hallvard Breien Furuseth <h.b.furuseth(a)usit.uio.no
> wrote:
> Looks like a dup of ITS#8209. I've pushed a fix to
> mdb.master. Hadn't gotten around to testing it properly.
>
> --
> Hallvard
>
7 years, 3 months
Re: (ITS#8452) LMDB: mdb_env_copyfd2 can deadlock due to missing mdb_env_cthr_toggle check
by lorenz@cloudflare.com
Thanks for the fix, and my bad for not finding the bug report. I didn't use
the ITS interface properly.
--
Lorenz
On 28 June 2016 at 11:09, Hallvard Breien Furuseth <h.b.furuseth(a)usit.uio.no
> wrote:
> Looks like a dup of ITS#8209. I've pushed a fix to
> mdb.master. Hadn't gotten around to testing it properly.
>
> --
> Hallvard
>
7 years, 3 months
(ITS#8455) LMDB: mdb_env_copyfd1 leaks memory and pthread state if mdb_txn_begin fails
by lmb@cloudflare.com
Full_Name: Lorenz Bauer
Version: git c367c1f69685
OS: OS X
URL: https://gist.github.com/lmb/c48dcdb74b4bc9bf4ecae1d70553d623
Submission from: (NULL) (2a06:98c0:1000:1200:1160:b579:2042:d902)
In case that mdb_txn_begin fails (e.g. due to no more reader slots available),
mdb_env_copyfd1 leaks my.mc_wbuf[0]. From the pthread_create man pages, it seems
like it also leaks pthread state, since the created thread is never joined.
The linked gist contains a test case, valgrind output which confirms that the
buffer is leaked, and a patch.
The patch properly frees the buffer, and always joins the thread. If the thread
was never created pthread_join simply returns an error, which is ignored
anyways. I think the same logic holds on Windows.
7 years, 3 months
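The single-exit cleanup discussed in the ITS#8452 reply (pointer left NULL on failure, `free(NULL)` doing nothing) and the buffer leak reported in ITS#8455, as an added example that is not LMDB's code or the patch from the gist. The function names, the `step_fn` callback standing in for a failing `mdb_txn_begin`, and the allocation counter are hypothetical; thread handling is left out.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* for posix_memalign */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a later step that can fail, such as beginning a
 * transaction when no reader slot is free. Returns 0 or an errno value. */
typedef int (*step_fn)(void);
static int step_ok(void)   { return 0; }
static int step_fail(void) { return EAGAIN; }

static int live_buffers;    /* instrumentation for this example only */
int buffers_outstanding(void) { return live_buffers; }

/* Allocate an aligned work buffer, run one step, release on a single exit path. */
int copy_with_cleanup(size_t align, size_t size, step_fn step)
{
    void *wbuf = NULL;      /* NULL until allocated, so "done" can always free */
    int rc = posix_memalign(&wbuf, align, size);

    if (rc != 0) {
        wbuf = NULL;        /* do not rely on the pointer after a failed call */
        goto done;
    }
    live_buffers++;
    memset(wbuf, 0, size);

    rc = step();            /* a failure here must still reach the free below */
    if (rc != 0)
        goto done;
    /* real work on wbuf would go here */
done:
    if (wbuf != NULL)
        live_buffers--;
    free(wbuf);             /* free(NULL) does nothing */
    return rc;
}

int main(void)
{
    printf("bad alignment: rc=%d\n", copy_with_cleanup(3, 4096, step_ok));
    printf("step fails:    rc=%d\n", copy_with_cleanup(4096, 4096, step_fail));
    printf("success:       rc=%d\n", copy_with_cleanup(4096, 4096, step_ok));
    printf("buffers still allocated: %d\n", buffers_outstanding());
    return 0;
}
```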
(ITS#8454) audit-log overlay man page needs some improvement
by elecharny@apache.org
Full_Name: Emmanuel Lecharny
Version: 2.4.44
OS:
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (78.235.65.101)
The current slapo-auditlog could be improved a bit by providing some more context
about the audit log file content. Typically, the first line contains important
information like:
- the operation
- the timestamp
- the database suffix
- the modifiers' name
- and the connection ID
When this connection ID is -1, it would be interesting in the man page to inform
the users that this update is an internal update (i.e., something caused by an
internal slapd update, not a user update).
A simple sentence could be: "A 'conn=-1' in the first line tells that this is
an internal operation, not a user-initiated operation".
7 years, 3 months