The branch, master has been updated via ea1c62f3c71 ldb:tests: Allow test filtering in ldb_mod_op_test via 520bb70dfd6 ldb:tests: Avoid that the debug function overwrites memory from 8db0c1bff6f s3: smbd: Only set xconn->smb1.negprot.done = true after supported_protocols[protocol].proto_reply_fn() succeeds.
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit ea1c62f3c7180e9ad5024bfcaea2d905f0b7996f Author: Andreas Schneider <a...@samba.org> Date: Wed Dec 4 13:54:04 2019 +0100 ldb:tests: Allow test filtering in ldb_mod_op_test Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Isaac Boukris <ibouk...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Thu Dec 5 17:13:36 UTC 2019 on sn-devel-184 commit 520bb70dfd65d0a5236aa83cb8d662be62169e54 Author: Andreas Schneider <a...@samba.org> Date: Wed Dec 4 13:29:26 2019 +0100 ldb:tests: Avoid that the debug function overwrites memory We are setting ldb_debug_string() as the ldb debug function. The context we give it is only valid as long as we're in that function. On failure, we jump to the teardown function. The pointer for debug_string isn't valid anymore, but the ldb debug system still points to that address, and when we store the location of the allocated string, we overwrite memory, in that case something from talloc and a talloc_free() then jumps into the nirvana. Thanks to Florian Weimer who helped debugging this. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Isaac Boukris <ibouk...@samba.org> ----------------------------------------------------------------------- Summary of changes: lib/ldb/tests/ldb_mod_op_test.c | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/tests/ldb_mod_op_test.c b/lib/ldb/tests/ldb_mod_op_test.c index b6a0d1e4f57..0aa9ac2ce27 100644 --- a/lib/ldb/tests/ldb_mod_op_test.c +++ b/lib/ldb/tests/ldb_mod_op_test.c @@ -53,6 +53,7 @@ struct ldbtest_ctx { const char *lockfile; /* lockfile is separate */ const char *dbpath; + char *debug_string; }; static void unlink_old_db(struct ldbtest_ctx *test_ctx) @@ -3747,9 +3748,11 @@ static void test_ldb_add_to_index_unique_values_required(void **state) static void ldb_debug_string(void *context, enum ldb_debug_level level, const char *fmt, va_list ap) { + struct ldbtest_ctx *test_ctx = + talloc_get_type_abort(context, struct ldbtest_ctx); if (level <= LDB_DEBUG_WARNING) { - *((char **)context) = talloc_vasprintf(NULL, fmt, ap); + test_ctx->debug_string = talloc_vasprintf(test_ctx, fmt, ap); } } @@ -3761,7 +3764,6 @@ static void test_ldb_unique_index_duplicate_logging(void **state) struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state, struct ldbtest_ctx); TALLOC_CTX *tmp_ctx; - char *debug_string = NULL; char *p = NULL; /* The GUID mode is not compatible with this test */ @@ -3769,7 +3771,7 @@ static void test_ldb_unique_index_duplicate_logging(void **state) return; #endif - ldb_set_debug(test_ctx->ldb, ldb_debug_string, &debug_string); + ldb_set_debug(test_ctx->ldb, ldb_debug_string, test_ctx); tmp_ctx = talloc_new(test_ctx); assert_non_null(tmp_ctx); @@ -3803,14 +3805,14 @@ static void test_ldb_unique_index_duplicate_logging(void **state) ret = ldb_add(test_ctx->ldb, msg02); assert_int_equal(ret, LDB_ERR_CONSTRAINT_VIOLATION); - assert_non_null(debug_string); + assert_non_null(test_ctx->debug_string); p = strstr( - debug_string, + test_ctx->debug_string, "unique index violation on cn " "in dc=test02, conflicts with dc=test01 in " "@INDEX:CN:test_unique_index"); assert_non_null(p); - TALLOC_FREE(debug_string); + TALLOC_FREE(test_ctx->debug_string); talloc_free(tmp_ctx); } @@ -3822,14 +3824,13 @@ static void test_ldb_duplicate_dn_logging(void **state) struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state, struct ldbtest_ctx); TALLOC_CTX *tmp_ctx; - char *debug_string = NULL; /* The GUID mode is not compatible with this test */ #ifdef GUID_IDX return; #endif - ldb_set_debug(test_ctx->ldb, ldb_debug_string, &debug_string); + ldb_set_debug(test_ctx->ldb, ldb_debug_string, test_ctx); tmp_ctx = talloc_new(test_ctx); assert_non_null(tmp_ctx); @@ -3863,7 +3864,7 @@ static void test_ldb_duplicate_dn_logging(void **state) ret = ldb_add(test_ctx->ldb, msg02); assert_int_equal(ret, LDB_ERR_ENTRY_ALREADY_EXISTS); - assert_null(debug_string); + assert_null(test_ctx->debug_string); talloc_free(tmp_ctx); } @@ -3951,10 +3952,9 @@ static void test_ldb_unique_index_duplicate_with_guid(void **state) struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state, struct ldbtest_ctx); TALLOC_CTX *tmp_ctx; - char *debug_string = NULL; char *p = NULL; - ldb_set_debug(test_ctx->ldb, ldb_debug_string, &debug_string); + ldb_set_debug(test_ctx->ldb, ldb_debug_string, test_ctx); tmp_ctx = talloc_new(test_ctx); assert_non_null(tmp_ctx); @@ -3988,15 +3988,14 @@ static void test_ldb_unique_index_duplicate_with_guid(void **state) ret = ldb_add(test_ctx->ldb, msg02); assert_int_equal(ret, LDB_ERR_CONSTRAINT_VIOLATION); - assert_non_null(debug_string); + assert_non_null(test_ctx->debug_string); p = strstr( - debug_string, + test_ctx->debug_string, "unique index violation on cn in dc=test02, conflicts with " "objectUUID 0123456789abcdef in @INDEX:CN:test_unique_index"); assert_non_null(p); - TALLOC_FREE(debug_string); + TALLOC_FREE(test_ctx->debug_string); talloc_free(tmp_ctx); - ldb_set_debug(test_ctx->ldb, NULL, NULL); } static void test_ldb_guid_index_duplicate_dn_logging(void **state) @@ -4007,9 +4006,8 @@ static void test_ldb_guid_index_duplicate_dn_logging(void **state) struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state, struct ldbtest_ctx); TALLOC_CTX *tmp_ctx; - char *debug_string = NULL; - ldb_set_debug(test_ctx->ldb, ldb_debug_string, &debug_string); + ldb_set_debug(test_ctx->ldb, ldb_debug_string, test_ctx); tmp_ctx = talloc_new(test_ctx); assert_non_null(tmp_ctx); @@ -4043,9 +4041,8 @@ static void test_ldb_guid_index_duplicate_dn_logging(void **state) ret = ldb_add(test_ctx->ldb, msg02); assert_int_equal(ret, LDB_ERR_ENTRY_ALREADY_EXISTS); - assert_null(debug_string); + assert_null(test_ctx->debug_string); talloc_free(tmp_ctx); - ldb_set_debug(test_ctx->ldb, NULL, NULL); } static void test_ldb_talloc_destructor_transaction_cleanup(void **state) @@ -4717,5 +4714,9 @@ int main(int argc, const char **argv) ldbtest_teardown), }; + if (argc > 1) { + cmocka_set_test_filter(argv[1]); + } + return cmocka_run_group_tests(tests, NULL, NULL); } -- Samba Shared Repository