https://bugs.openldap.org/show_bug.cgi?id=9879

          Issue ID: 9879
           Summary: Crash in bindconf_free
           Product: OpenLDAP
           Version: 2.6.2
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: b...@openldap.org
          Reporter: dpa-openl...@aegee.org
  Target Milestone: ---

Slapd 2.6 (git commit 0dc9ff2594da) produces this output at start:
free(): invalid pointer. The core dump is:


gdb /git/openldap bt f                                              
#0  __pthread_kill_internal (signo=6, threadid=<optimized out>) at
pthread_kill.c:45                                                    
        pid = 3060261                                               
        tid = 3060261                                                           
        pd = <optimized out>
        val = 0
        tid = <optimized out>
        pd = <optimized out>
        val = <optimized out>
        sc_ret = <optimized out>
        resultvar = <optimized out>
        __x = <optimized out>
        pid = <optimized out>
        resultvar = <optimized out>
        __arg3 = <optimized out>
        __arg2 = <optimized out>
        __arg1 = <optimized out>
        _a3 = <optimized out>
        _a2 = <optimized out>
        _a1 = <optimized out>
#1  __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at
pthread_kill.c:62
No locals.
#2  0x00007ff2445a91f2 in __GI_raise (sig=sig@entry=6) at
../sysdeps/posix/raise.c:26
        ret = <optimized out>
#3  0x00007ff24459443b in __GI_abort () at abort.c:79
        save_stage = 1
        act = {
          __sigaction_handler = {
            sa_handler = 0x7ff244e0b590,
            sa_sigaction = 0x7ff244e0b590
          },
          sa_mask = {
            __val = {140678513857256, 140678514176000, 0, 4360521566522441729,
4294967295, 17981341232831397889, 140678513857472, 
              140678514176000, 140678513858576, 140678514161728, 37835024,
140678514167232, 5433280, 140727718055568, 140727718055515, 
              140678514247725}
          },
          sa_flags = 1,
          sa_restorer = 0x0
        }
        sigs = {
          __val = {32, 1, 140678501620784, 1, 0, 1, 140678514176000, 1,
140678501620784, 140678514176000, 140678514176880, 0, 
            140678514389536, 1, 140677358813185, 4294967295}
        }
#4  0x00007ff2445e7c00 in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7ff2447185f4 "%s\n")
    at ../sysdeps/posix/libc_fatal.c:155
        ap = {{
            gp_offset = 24,
            fp_offset = 0,
            overflow_arg_area = 0x7ffdb9a4f2e0,
            reg_save_area = 0x7ffdb9a4f270
          }}                                                                   
                                               [31/1957]
        fd = <optimized out>
        list = <optimized out>
        nlist = <optimized out>
        cp = <optimized out>
#5  0x00007ff2445fc64a in malloc_printerr (str=str@entry=0x7ff244716247
"free(): invalid pointer") at malloc.c:5543
No locals.
#6  0x00007ff2445fddbc in _int_free (av=<optimized out>, p=<optimized out>,
have_lock=0) at malloc.c:4326
        size = 0
        fb = <optimized out>
        nextchunk = <optimized out>
        nextsize = <optimized out>
        nextinuse = <optimized out>
        prevsize = <optimized out>
        bck = <optimized out>
        fwd = <optimized out>
        __PRETTY_FUNCTION__ = "_int_free"
#7  0x00007ff244600821 in __GI___libc_free (mem=<optimized out>) at
malloc.c:3278
        ar_ptr = <optimized out>
        p = <optimized out>
        err = 13
#8  0x000000000041ab72 in bindconf_free (bc=bc@entry=0x52b970 <ldifocs+48>) at
config.c:1611
No locals.
#9  0x000000000046b908 in syncinfo_free (sie=0x52b940 <ldifocs>,
free_all=free_all@entry=1) at syncrepl.c:6052
        si_next = 0x4d8530
#10 0x0000000000429815 in backend_destroy_one (bd=0x52d8f0 <cfBackInfo+16>,
dynamic=0) at backend.c:456
No locals.
#11 0x000000000041651a in config_back_db_destroy (be=<optimized out>,
cr=<optimized out>) at bconfig.c:7610
        cfb = 0x52d8e0 <cfBackInfo>
#12 0x000000000042981d in backend_destroy_one (bd=0x2445920, dynamic=1) at
backend.c:459
No locals.
#13 0x000000000042993a in backend_destroy () at backend.c:498
        bd = <optimized out>
        bi = <optimized out>
#14 0x000000000043e04f in slap_destroy () at init.c:258
        rc = <optimized out>
#15 0x000000000040a12c in main (argc=<optimized out>, argv=0x7ffdb9a4f628) at
main.c:890
        i = <optimized out>
        no_detach = <optimized out>
        rc = 1
        urls = 0x7ffdb9a50e90 "ldap://ldap.aegee.org/ ldaps://ldap.aegee.org
ldapi://%2Fvar%2Frun%2Fldapi"
        username = 0x7ffdb9a50e60 "openldap"
        groupname = 0x0
        sandbox = 0x7ffdb9a50e6c "/home/openldap"
        pid = <optimized out>
        waitfds = {38815280, 0}
        g_argc = <optimized out>
        g_argv = 0x7ffdb9a4f628
        configfile = 0x0
        configdir = 0x7ffdb9a50e7e "/etc/openldap/"
        serverMode = 1
        scp = <optimized out>
        scp_entry = <optimized out>
        serverNamePrefix = <synthetic pointer>
        l = <optimized out>
        slapd_pid_file_unlink = <optimized out>
        slapd_args_file_unlink = <optimized out>
        firstopt = <optimized out>

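In frames #8 and #9 the pointers passed to bindconf_free and syncinfo_free
(0x52b970 <ldifocs+48> and 0x52b940 <ldifocs>) resolve to the static symbol
ldifocs rather than to heap memory, which is consistent with free() rejecting
the pointer.

Going back to commit 2cf617938 works fine.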


To be precise, OpenLDAP reads certificates from a file inside its chroot,
chr/etc/openssl/certs/ca-bundle.crt, but it had no read access to the
chr/etc/openssl/certs directory. At commit 2cf617938 it does not crash; at the
latest 2.6 it crashes.
