https://bugs.openldap.org/show_bug.cgi?id=10135
Issue ID: 10135
Summary: dynlist (and maybe others) doesn't use the right overinst context in callbacks
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs@openldap.org
Reporter: ondra@mistotebe.net
Target Milestone: ---
Running the test suite with `-fsanitize=address` picks up a bug in https://git.openldap.org/openldap/openldap/-/blob/860b61f41dfeeb19cc0eb011f2...
Here, op->o_bd->bd_info isn't actually dynlist but mdb's own static bi, so overlay_entry_get_ov then reaches into the void when reading on->on_info.
It's very likely that other places/overlays share the same bug as it is subtle and doesn't get picked up immediately (slap_overinst embeds a BackendInfo and oi_orig is not often set).
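The layout problem described in the report above, as an added toy model in C (not part of the original report and not OpenLDAP's code). The field names `bd_info`, `on_bi`, `on_info` and `o_bd` mirror those in the report; `cb_private`, `oi_id`, `mdb_bi` and the helper functions are hypothetical. It shows why downcasting a plain backend info to the embedding overlay struct reads out of bounds, and one way for a callback to avoid depending on `bd_info` at all.

```c
#include <stddef.h>
#include <stdio.h>
/* Toy model of the layout described above; NOT OpenLDAP's real definitions. */
typedef struct backend_info { const char *bi_type; } backend_info;
typedef struct over_info { int oi_id; } over_info;
typedef struct over_inst {            /* embeds the base struct first */
    backend_info on_bi;
    over_info   *on_info;             /* stored past sizeof(backend_info) */
} over_inst;
typedef struct backend_db { backend_info *bd_info; } backend_db;
typedef struct operation  { backend_db *o_bd; } operation;
typedef struct callback   { void *cb_private; } callback;   /* hypothetical */

backend_info mdb_bi = { "mdb" };      /* the backend's own plain info */

/* Nonzero if reading on->on_info via a plain backend_info leaves the object. */
int downcast_overruns(void) {
    return offsetof(over_inst, on_info) + sizeof(over_info *)
           > sizeof(backend_info);
}

/* Identity check: is bd_info really this overlay's embedded base? */
int bd_is_overlay(const operation *op, const over_inst *on) {
    return op->o_bd->bd_info == &on->on_bi;
}

/* Unsafe pattern: trusts that bd_info is an over_inst. Only valid when
 * bd_is_overlay() holds, which is not guaranteed inside a callback. */
over_info *info_from_bd(const operation *op) {
    return ((over_inst *)op->o_bd->bd_info)->on_info;
}

/* Safer pattern: the overlay stores its instance in the callback when
 * registering it, and the callback reads only that. */
over_info *info_from_cb(const callback *cb) {
    const over_inst *on = cb->cb_private;
    return on ? on->on_info : NULL;
}

int main(void) {
    over_info oi = { 7 };
    over_inst on = { { "dynlist" }, &oi };
    backend_db bd = { &mdb_bi };      /* state seen inside the callback */
    operation op = { &bd };
    callback cb = { &on };
    printf("overrun=%d is_overlay=%d id=%d\n", downcast_overruns(),
           bd_is_overlay(&op, &on), info_from_cb(&cb)->oi_id);
    return 0;
}
```

Building this kind of code with `-fsanitize=address`, as the report does for the test suite, is what surfaces the out-of-bounds read when the unchecked downcast is reached with a plain backend info.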
Ondřej Kuzník ondra@mistotebe.net changed:
What     |Removed |Added
----------------------------------------------------------------------------
See Also |        |https://bugs.openldap.org/show_bug.cgi?id=6166
Quanah Gibson-Mount quanah@openldap.org changed:
What             |Removed      |Added
----------------------------------------------------------------------------
Target Milestone |---          |2.5.17
Keywords         |needs_review |
--- Comment #1 from Ondřej Kuzník ondra@mistotebe.net ---
Trying to deal with this, dynlist is deeply married to using op->o_bd->bd_info in places that could be coming from a callback (dynlist_nested_member, ...). I can't see a clear way to disentangle this myself.
Howard, do you want to take this on?
Howard Chu hyc@openldap.org changed:
What           |Removed     |Added
----------------------------------------------------------------------------
Ever confirmed |0           |1
Status         |UNCONFIRMED |IN_PROGRESS

--- Comment #2 from Howard Chu hyc@openldap.org ---
https://git.openldap.org/openldap/openldap/-/merge_requests/667
Quanah Gibson-Mount quanah@openldap.org changed:
What       |Removed     |Added
----------------------------------------------------------------------------
Status     |IN_PROGRESS |RESOLVED
Resolution |---         |TEST

--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org ---
head:
• b3eab2ce by Howard Chu at 2024-01-10T19:33:38+00:00 ITS#10135 dynlist: fix search2resp callback context
Quanah Gibson-Mount quanah@openldap.org changed:
What       |Removed |Added
----------------------------------------------------------------------------
Resolution |TEST    |FIXED

--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org ---
RE26:
• ffdd12f0 by Howard Chu at 2024-01-16T20:38:57+00:00 ITS#10135 dynlist: fix search2resp callback context
RE25:
• a4026502 by Howard Chu at 2024-01-16T20:39:11+00:00 ITS#10135 dynlist: fix search2resp callback context
Quanah Gibson-Mount quanah@openldap.org changed:
What     |Removed |Added
----------------------------------------------------------------------------
See Also |        |https://bugs.openldap.org/show_bug.cgi?id=10044

--- Comment #5 from Quanah Gibson-Mount quanah@openldap.org ---
*** Issue 10044 has been marked as a duplicate of this issue. ***
Quanah Gibson-Mount quanah@openldap.org changed:
What   |Removed  |Added
----------------------------------------------------------------------------
Status |RESOLVED |VERIFIED