Hallvard B Furuseth wrote:

Easily reproducable.

Great, thanks.

But there's nothing useful to fix here. If the ldap_result call doesn't return a result message, the only thing the client could do is exit(LDAP_LOCAL_ERROR) as the other failure cases do. I.e., because a connection has already been established, the library will not do any fallback. It only tries to fallback if the TCP connection attempt fails.

I'm inclined to ignore this ITS since avoiding the assert() won't change the actual outcome of the command.

./configure --without-tls --without-cyrus-sasl --disable-slapd CFLAGS="-O0 -g" make -s

echo TIMEOUT 1> ldaprc

: Run a listening "server" which just sleeps python -c 'import time; from socket import *; s = socket(AF_INET, SOCK_STREAM); s.bind(("localhost", 3890)); s.listen(5); time.sleep(9999)'&

gdb -q clients/tools/ldapsearch (gdb) run -xh localhost:3890 ldapsearch: error.c:255: ldap_parse_result: Assertion `r != ((void *)0)' failed.

(gdb) backtrace #0 0x00002b811748d265 in raise () from /lib64/libc.so.6 #1 0x00002b811748ed10 in abort () from /lib64/libc.so.6 #2 0x00002b81174866e6 in __assert_fail () from /lib64/libc.so.6 #3 0x0000000000413234 in ldap_parse_result (ld=0x65a7170, r=0x0, errcodep=0x7fffc814f1a8, matcheddnp=0x7fffc814f190, errmsgp=0x7fffc814f188, referralsp=0x7fffc814f180, serverctrls=0x7fffc814f198, freeit=1) at error.c:255 #4 0x0000000000408cfd in tool_bind (ld=0x65a7170) at common.c:1422 #5 0x0000000000403fef in main (argc=3, argv=0x7fffc8153508) at ldapsearch.c:912 (gdb) frame 4 #4 0x0000000000408cfd in tool_bind (ld=0x65a7170) at common.c:1422 1422 rc = ldap_parse_result( ld, result,&err,&matched,&info,&refs, (gdb) info locals err = 0 msgbuf = "\000\000\000\000\000\000\000\000\0005e\000\000\000\000\000(\000\000\000\021\000\000\000pqZ\006\000\000\000\000Àð\024Èÿ\177\000\000PpZ\006\000\000\000\000 rZ\006\000\000\000\000xqZ\006", '\0'<repeats 12 times>, "0óZ\006\000\000\000\000ðð\024Èÿ\177\000\000\025ú@", '\0'<repeats 13 times>, " ñ\024Èÿ\177\000\000pqZ\006\000\000\000\000\2008e\000\000\000\000\0000ñ\024Èÿ\177\000\000Qû@\000\000\000\000\0000ñ\024Èÿ\177\000\000`\216B\000\000\000\000\000PpZ\006\000\000\000\000ðñ\024Èÿ\177\000\000\003\000\000\000\000\000\000\000pqZ\006\000\000\000\000Pò\024Èÿ\177\000\000°\211@\000\000"... info = 0x0 refs = (char **) 0x0 msgid = 1 rc = 0 result = (LDAPMessage *) 0x0 ctrls = (LDAPControl **) 0x0 matched = 0x0 sctrlsp = (LDAPControl **) 0x0 sctrls = {0x0, 0x65a7020, 0x443b26} sctrl = {{ldctl_oid = 0xffffffff<Address 0xffffffff out of bounds>, ldctl_value = {bv_len = 0, bv_val = 0x0}, ldctl_iscritical = 0 '\0'}, { ldctl_oid = 0x65a7050 "ldap://localhost:3890", ldctl_value = {bv_len = 106590352, bv_val = 0x4fc2<Address 0x4fc2 out of bounds>}, ldctl_iscritical = -43 'Õ'}, {ldctl_oid = 0x65a7170 "0óZ\006", ldctl_value = {bv_len = 388262848, bv_val = 0x7fffc8153420 ""}, ldctl_iscritical = -110 '\222'}} nsctrls = 0 __PRETTY_FUNCTION__ = "tool_bind"