https://bugs.openldap.org/show_bug.cgi?id=9802
Issue ID: 9802 Summary: Segfault while changing configuration in OpenLDAP 2.6.1 Product: OpenLDAP Version: 2.6.1 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs@openldap.org Reporter: manuel.flury@gmail.com Target Milestone: ---
Created attachment 878 --> https://bugs.openldap.org/attachment.cgi?id=878&action=edit GDB traces and olcConfig
Dear all,
I am trying to configure back_meta for testing virtual directory.
Attached is my config. It may not make sense.
Trying to change configuration under olcMetaSub={0}uri,olcDatabase={1}meta,cn=config
From : {5}rewriteRule "^(.+uid=[^,]+)@domain.two.com(,.*)$" "${&&target("ou=people,dc=domain,dc=two,dc=com")}$1$2" ":"
To: {5}rewriteRule "^(.+uid=[^,]+)@domain.two.com(,.*)$" "${&&target("ou=mynetworkpeople,o=my.example.com")}$1$2" ":"
I get a segfault.
Please find attached the gdb traces.
Before segfault, slapd is able to log the following messages:
Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: activity on 1 descriptor Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: activity on:Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: 10rFeb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: read active on 10 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: epoll: listen=7 active_threads=0 tvp=NULL Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: epoll: listen=8 active_threads=0 tvp=NULL Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: connection_get(10): got connid=1000 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: connection_read(10): checking for input on id=1000 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: op tag 0x66, time 1645812518 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: conn=1000 op=14 do_modify Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: activity on 1 descriptor Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: >>> dnPrettyNormal: <olcMetaSub={0}uri,olcDatabase={1}meta,cn=config> Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: activity on:Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: epoll: listen=7 active_threads=0 tvp=NULL Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: daemon: epoll: listen=8 active_threads=0 tvp=NULL Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: <<< dnPrettyNormal: <olcMetaSub={0}uri,olcDatabase={1}meta,cn=config>, <olcMetaSub={0}uri,olcDatabase={1}meta,cn=config> Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: conn=1000 op=14 MOD dn="olcMetaSub={0}uri,olcDatabase={1}meta,cn=config" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: conn=1000 op=14 MOD attr=olcDbRewrite olcDbRewrite Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: slap_get_csn: conn=1000 op=14 generated new csn=20220225180838.334352Z#000000#001#000000 manage=1 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: slap_queue_csn: queueing 0x7f030c140330 20220225180838.334352Z#000000#001#000000 Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_required entry (olcMetaSub={0}uri,olcDatabase={1}meta,cn=config), objectClass "olcMetaTargetConfig" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "objectClass" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcMetaSub" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbURI" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbIDAssertBind" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbRewrite" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbKeepalive" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbBindTimeout" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbCancel" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbChaseReferrals" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbNoRefs" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbNoUndefFilter" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbNretries" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbProtocolVersion" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbRebindAsUser" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbSessionTrackingRequest" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "olcDbTFSupport" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "structuralObjectClass" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "entryUUID" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "creatorsName" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "createTimestamp" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "entryCSN" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "modifiersName" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: oc_check_allowed type "modifyTimestamp" Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: >>> dnPrettyNormal: <dc=my,dc=example,dc=com> Feb 25 19:08:38 mydevldapsrvmd21.datacenter.my.example.com slapd[1066842]: <<< dnPrettyNormal: <dc=my,dc=example,dc=com>, <dc=my,dc=example,dc=com>
Best Regards
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |2.5.12 Keywords|needs_review | Assignee|bugs@openldap.org |hyc@openldap.org
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|Segfault while changing |back-config segfault while |configuration in OpenLDAP |changing configuration for |2.6.1 |back-meta
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #1 from Howard Chu hyc@openldap.org --- Unable to reproduce.
Using this modify LDIF, ldapmodify works fine.
### dn: olcMetaSub={0}uri,olcDatabase={1}meta,cn=config changetype: modify delete: olcDbRewrite olcDbRewrite: {5} - add: olcDbRewrite olcDbRewrite: {5}rewriteRule "^(.+uid=[^,]+)@domain.two.com(,.*)$" "${&&target("ou=mynetworkpeople,o=my.example.com")}$1$2" ":"
###
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #2 from manuel.flury@gmail.com --- Created attachment 880 --> https://bugs.openldap.org/attachment.cgi?id=880&action=edit New gdb traces
Hi Howard,
I retried to reproduce the issue and was thinking it always occured, but indeed I had to insist to finally trigger a SIGABRT.
I hope the gdb traces attached will help you to identify the issue.
Best regards
Manuel FLURY
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #3 from Howard Chu hyc@openldap.org --- (In reply to manuel.flury from comment #2)
Created attachment 880 [details] New gdb traces
Hi Howard,
I retried to reproduce the issue and was thinking it always occured, but indeed I had to insist to finally trigger a SIGABRT.
I hope the gdb traces attached will help you to identify the issue.
Best regards
Manuel FLURY
Can you confirm that the modify request you used is identical to the one I tested?
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #4 from manuel.flury@gmail.com --- Hi,
I used a replace not delete then add:
dn: olcMetaSub={0}uri,olcDatabase={1}meta,cn=config changetype: modify replace: olcDbRewrite olcDbRewrite: {0}rewriteEngine "on" olcDbRewrite: {1}rewriteContext "searchDN" olcDbRewrite: {2}rewriteRule "OU=People,[ ]?DC=my,[ ]?DC=example,[ ]?DC=com " "${**target}" ":" olcDbRewrite: {3}rewriteContext SearchFilter olcDbRewrite: {4}rewriteRule "^(.+uid=[^,]+)@domain.one.com(,.*)$" "${&&target("ou=people,dc=domain,dc=one,dc=com")}$1$2" ":" olcDbRewrite: {5}rewriteRule "^(.+uid=[^,]+)@domain.two.com(,.*)$" "${&&target("ou=mynetworkpeople,o=my.example.com")}$1$2" ":" -
B.R.
Manuel FLURY
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #5 from Howard Chu hyc@openldap.org --- (In reply to manuel.flury from comment #4)
Hi,
I used a replace not delete then add:
dn: olcMetaSub={0}uri,olcDatabase={1}meta,cn=config changetype: modify replace: olcDbRewrite olcDbRewrite: {0}rewriteEngine "on" olcDbRewrite: {1}rewriteContext "searchDN" olcDbRewrite: {2}rewriteRule "OU=People,[ ]?DC=my,[ ]?DC=example,[ ]?DC=com " "${**target}" ":" olcDbRewrite: {3}rewriteContext SearchFilter olcDbRewrite: {4}rewriteRule "^(.+uid=[^,]+)@domain.one.com(,.*)$" "${&&target("ou=people,dc=domain,dc=one,dc=com")}$1$2" ":" olcDbRewrite: {5}rewriteRule "^(.+uid=[^,]+)@domain.two.com(,.*)$" "${&&target("ou=mynetworkpeople,o=my.example.com")}$1$2" ":"
B.R.
Manuel FLURY
Thanks. Still not able to reproduce, even with multiple repetitions of this modification. Can you run under valgrind and still reproduce it?
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #6 from manuel.flury@gmail.com --- Created attachment 882 --> https://bugs.openldap.org/attachment.cgi?id=882&action=edit LDIF used for update
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #7 from manuel.flury@gmail.com --- Created attachment 883 --> https://bugs.openldap.org/attachment.cgi?id=883&action=edit gdb trace
Another gdb trace until I can get valgrind.
Command used t update using backmeta_update.ldif was:
$ ldapmodify -Q -Y EXTERNAL -H ldapi://%2Fopt%2Flocal%2Fserver%2Fslapdlogs%2Fvar%2Frun%2Fldapi_backmeta -f backmeta_update.ldif modifying entry "olcMetaSub={0}uri,olcDatabase={1}meta,cn=config"
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #8 from manuel.flury@gmail.com --- Hi Howard,
I will require a few day before I am able to come back to you with valgrind traces.
I just retried to post gdb traces in case they contain more useful informations.
Best regards
M.F.
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #9 from manuel.flury@gmail.com --- Not sure if it could also be useful, during gdb session, here are the message and the SIGABRT signal received:
(gdb) cont Continuing.
Thread 3 "slapd" received signal SIGABRT, Aborted. [Switching to Thread 0x7f4cf2614700 (LWP 3407352)] __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 return ret; (gdb) set pagination off
https://bugs.openldap.org/show_bug.cgi?id=9802
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |IN_PROGRESS
--- Comment #10 from Howard Chu hyc@openldap.org --- I see, the LDIF you attached is not the same as what you pasted in your earlier reply. I've now reproduced and fixed the issue. https://git.openldap.org/openldap/openldap/-/merge_requests/505
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #11 from manuel.flury@gmail.com --- Sorry, I didn't noticed the ordering issue.
Thank you very much for the fix !
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED
--- Comment #12 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • d878ebc3 by Howard Chu at 2022-03-21T20:21:20+00:00 ITS#9802 slapd-meta: fix rewrite config SEGV
• e9b11154 by Howard Chu at 2022-03-21T20:21:20+00:00 ITS#9802 slapd-meta: fix rewrite config ordering
• f0a6465f by Howard Chu at 2022-03-21T20:21:20+00:00 ITS#9802 slapd-ldap/meta/async-meta: plug memleak in keepalive config
RE26:
• cefc5608 by Howard Chu at 2022-03-21T21:53:15+00:00 ITS#9802 slapd-meta: fix rewrite config SEGV
• 0d32cbc3 by Howard Chu at 2022-03-21T21:53:20+00:00 ITS#9802 slapd-meta: fix rewrite config ordering
• 4bffb095 by Howard Chu at 2022-03-21T21:53:24+00:00 ITS#9802 slapd-ldap/meta/async-meta: plug memleak in keepalive config
RE25:
• 6fd046ed by Howard Chu at 2022-03-21T21:57:29+00:00 ITS#9802 slapd-meta: fix rewrite config SEGV
• 628ebbd1 by Howard Chu at 2022-03-21T21:57:33+00:00 ITS#9802 slapd-meta: fix rewrite config ordering
• e9b8c04d by Howard Chu at 2022-03-21T21:57:37+00:00 ITS#9802 slapd-ldap/meta/async-meta: plug memleak in keepalive config
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |--- Status|RESOLVED |CONFIRMED
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS
https://bugs.openldap.org/show_bug.cgi?id=9802
--- Comment #13 from Quanah Gibson-Mount quanah@openldap.org --- https://git.openldap.org/openldap/openldap/-/merge_requests/515/
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|IN_PROGRESS |RESOLVED
--- Comment #14 from Quanah Gibson-Mount quanah@openldap.org --- RE26: • adc32fbc by Ondřej Kuzník at 2022-04-27T15:40:09+00:00 ITS#9802 Fix argv handling
RE25:
• d64437da by Ondřej Kuzník at 2022-04-27T15:41:26+00:00 ITS#9802 Fix argv handling
https://bugs.openldap.org/show_bug.cgi?id=9802
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org