https://bugs.openldap.org/show_bug.cgi?id=9526
Issue ID: 9526 Summary: slapadd -w crashes Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs@openldap.org Reporter: grapvar@gmail.com Target Milestone: ---
Let slapd.conf is:
database mdb suffix "o=Foo" sync_use_subentry
database is blank and we are adding this foo.ldif:
dn: o=FOO objectClass:organization
Let's load:
slapd -T add -v -l foo.ldif -w
then on Solaris:
added: "o=FOO" (00000001) Segmentation Fault (core dumped)
... on Linux:
added: "o=FOO" (00000001) => mdb_next_id: get failed: Invalid argument (22) => mdb_tool_next_id: next_id failed: Invalid argument (22) => mdb_tool_entry_put: txn_aborted! Invalid argument (22) slapadd: couldn't create context entry Closing DB...
This is because:
* mdb_tool_next_id() takes dead global [tools.c`static MDB_cursor *mcp] for further operations * cursor is dead because mdb_tool_entry_put() didn't initialized it * mdb_tool_entry_put() didn't initialized cursor because it thinks it is initialized, because there is an active global [tools.c`MDB_txn *mdb_tool_txn] * transaction was initialized by mdb_tool_dn2id_get(), which doesn't care about cursors.
Long story short: the global state in tools.c is not managed consistently and needs rethinking.