#49121 ns-slapd crashes in ldif_sput due to the output buf size is less than the real size.
Closed: wontfix 6 years ago Opened 7 years ago by nhosoi.

Description of problem:

Our multimaster environment with four nodes is attached to the Novel IDM.
When large dataset is migrated to the 389-ds it just dies.

Version-Release number of selected component (if applicable):

Name        : 389-ds-base
Arch        : x86_64
Version     : 1.3.5.10
Release     : 15.el7_3

How reproducible:

I just enable driver from the Novel to start synching data to the multimaster cluster.

Actual results:
* [4373826.739387] ns-slapd[2666]: segfault at 7f68b4000000 ip 00007f68b29513ac
sp 00007f68807eef98 error 4 in libc-2.17.so[7f68b28d1000+1b6000]
* [4720607.858694] traps: ns-slapd[21687] general protection ip:7f3545b5cdab
sp:7f35107e6240 error:0 in libc-2.17.so[7f3545ade000+1b6000]

Expected results:
Data should be synched

git patch file (master) -- Just for record -- Even worse shortage of buffer.
0002-Ticket-49121-ns-slapd-crashes-in-ldif_sput-due-to-th.patch

git patch file (master) -- CI test; Cannot reproduce the Invalid write
ticket49121_test.py

git patch file (master) -- CI test; Cannot reproduce the Invalid write
ticket49121_test.utf8.py

Note: ticket49121_test.utf8.py​ requires dirsrvtests/tests/data/ticket49121/utf8str.txt.

First, I suspected the issue could be in the base64 encoding and wrapping at the 78 bytes in ldif_sput. So, I tested with the multi-byte value like this.

I ran the test with this short multi-byte value as well as a long one (48003 bytes).
{{{
$ cat ../data/ticket49121/utf8str.txt.short
あいうえお
}}}
But I could not duplicate the issue. Thus, I now think base64 nor wrapping are not playing any role in this Invalid write.

Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 1.3.5 backlog

7 years ago

Metadata Update from @nhosoi:
- Custom field reviewstatus adjusted to review
- Custom field version adjusted to 1.3.6
- Issue close_status updated to: None

7 years ago

Metadata Update from @nhosoi:
- Issue set to the milestone: 1.2.11.33 (was: 1.3.5 backlog)

7 years ago
7 years ago

Metadata Update from @firstyear:
- Custom field reviewstatus adjusted to ack (was: review)

7 years ago

Reviewed by William (Thanks!!)

Pushed to master:
5cd0a03..543fe89 master -> master
commit 543fe89

Pushed to 389-ds-base-1.3.5:
0929992..17fcd6f 389-ds-base-1.3.5 -> 389-ds-base-1.3.5
commit 17fcd6fb80d2da563087f02bdfe9223d8d91c548

Pushed to 389-ds-base-1.2.11:
b73428c..960ad68 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
commit 960ad68

Metadata Update from @nhosoi:
- Issue status updated to: Closed (was: Open)

7 years ago

Sorry the master and 1.3.5 branches were reset, so the patch needs to be applied on those branches again.

Metadata Update from @mreynolds:
- Issue status updated to: Open (was: Closed)

7 years ago

No problem, Mark!

Pushed to master:
5cd0a03. 543fe89 master -> master
commit 543fe89

Pushed to 389-ds-base-1.3.5:
23d98ba..8fcda3d 389-ds-base-1.3.5 -> 389-ds-base-1.3.5
commit 8fcda3d

Metadata Update from @nhosoi:
- Issue status updated to: Closed (was: Open)

7 years ago

Metadata Update from @mreynolds:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2180

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

3 years ago

Login to comment on this ticket.

Metadata