nespor@id.ethz.ch wrote:
Full_Name: Vlado Nespor
Version: 2.4.44
OS: Red Hat el7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:67c:10ec:32d0::222)
We have experienced random slapd segmentation faults when the relay backend and rwm overlay were used in the configuration. After some time I could reproduce the segmentation fault on a slow client and with test queries, which were supposed to return a larger set of entries.
I could trace the problem to a wrong pointer in the slap_writewait_play function in the openldap-2.4.44/servers/slapd/result.c file, and then further to the openldap-2.4.44/servers/slapd/back-relay/op.c file. After the addition of the sc_writewait pointer initialisation (see the patch below), the test queries returned correct results and random slapd segmentation faults disappeared.
Thanks for the report, but this was already fixed in ITS#8218 released in 2.4.43. Sounds like Red Hat has botched their source code since the official fix has been out for nearly 2 years already.
With best regards,
Vlado Nespor
diff -rupN openldap-2.4.44/servers/slapd/back-relay/op.c openldap-2.4.44_back-relay/servers/slapd/back-relay/op.c --- openldap-2.4.44/servers/slapd/back-relay/op.c 2016-02-06 00:57:45.000000000 +0100 +++ openldap-2.4.44_back-relay/servers/slapd/back-relay/op.c 2017-02-07 15:09:55.046188340 +0100 @@ -97,6 +97,7 @@ relay_back_response_cb( Operation *op, S (rcb)->rcb_sc.sc_next = (op)->o_callback; \ (rcb)->rcb_sc.sc_response = relay_back_response_cb; \ (rcb)->rcb_sc.sc_cleanup = 0; \
(rcb)->rcb_sc.sc_private = (op)->o_bd; \ (op)->o_callback = (slap_callback *) (rcb); \(rcb)->rcb_sc.sc_writewait = 0; \
}
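Review bot: The new `(rcb)->rcb_sc.sc_writewait = 0;` assignment in the callback-setup macro clears one more member by hand, so the macro stays correct only as long as it lists every member of the callback structure; the next member added there would be left uninitialised in the same way. Consider zeroing the whole `(rcb)->rcb_sc` structure at the top of the macro and then assigning only the non-zero members (`sc_next`, `sc_response`, `sc_private`), which makes the explicit `sc_cleanup = 0` and `sc_writewait = 0` lines unnecessary. A short comment saying that the write-wait path in result.c reads this pointer would also document why the initialisation matters.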