[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6638) ldapseach segfault on OSX

To: openldap-its@OpenLDAP.org
Subject: (ITS#6638) ldapseach segfault on OSX
From: quanah@zimbra.com
Date: Thu, 2 Sep 2010 18:14:13 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Quanah Gibson-Mount
Version: 2.4.23
OS: Mac OSX 10.6
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (75.111.45.108)


When querying AD from a mac, we found that we can segfault ldapsearch.  This
segfault does not happen when running the same query from linux.  Here is the
backtrace:

(gdb) thr apply all bt full

Thread 1 (core thread 0):
#0  0x00007fff80697180 in strlen ()
No symbol table info available.
#1  0x000000010008ae22 in ber_put_string (ber=0x100401480, str=0x686372616573
<Address 0x686372616573 out of bounds>, tag=18446744073709551615) at
encode.c:273
No locals.
#2  0x000000010008be20 in ber_printf (ber=0x100401480, fmt=0x10005f5e4 "s{") at
encode.c:575
        ap = {{
    gp_offset = 24,
    fp_offset = 48,
    overflow_arg_area = 0x7fff5fbfeb00,
    reg_save_area = 0x7fff5fbfea40
  }}
        s = 0x686372616573 <Address 0x686372616573 out of bounds>
        ss = (char **) 0x0
        bv = (struct berval *) 0x0
        bvp = (struct berval **) 0x7fff8069dc3b
        rc = 0
        i = 584234
        len = 140734799800880
#3  0x00000001000586d8 in ldap_create_deref_control_value (ld=0x100401130,
ds=0x100400130, value=0x100016a20) at deref.c:68
        j = 1
        ber = (BerElement *) 0x100401480
        tag = 18
        i = 1
        __func__ = "\000\000\000\000\000\000\000Critical extension is una"
#4  0x0000000100003a28 in main (argc=13, argv=0x7fff5fbff4f8) at
ldapsearch.c:1090
        i = 0
        filtpattern = 0x7fff5fbff739 "(CN=SE-EMEA-OEM)"
        attrs = (char **) 0x7fff5fbff558
        line = '\0' <repeats 504 times>,
"ï¿½ï¿½ï¿½_ï¿½\000\000ï¿½ï¿½_ï¿½\000\000\006\003ï¿½ï¿½ï¿½\000\000\000ï¿½_ï¿½\000\000ï¿½&ï¿½_ï¿½",
'\0' <repeats 18 times>,
"ï¿½ï¿½ï¿½_ï¿½\000\000\020ï¿½_ï¿½\000\000ï¿½ï¿½_ï¿½\000\000ï¿½\005ï¿½_ï¿½\000\000ï¿½ï¿½~L\000\000\000\000=ï¿½\002\000ï¿½\000\000ï¿½\000\000\000Ì¹ï¿½T\035ï¿½_ï¿½ï¿½dYhMï¿½6T{ï¿½bjï¿½\033\020v:ï¿½*ï¿½b7\003a/ï¿½Mï¿½ï¿½ï¿½ï¿½ï¿½ï¿½8ï¿½Lï¿½ï¿½Xï¿½\025Cï¿½Ô¶&Úxï¿½6cï¿½Oï¿½ï¿½Dpb*\030\tdï¿½ï¿½ï¿½^biï¿½}ï¿½ï¿½&ï¿½yï¿½fï¿½q"...
        fp = (FILE *) 0x0
        rc = 0
        rc1 = 0
        i = 0
        first = 0
        ld = (LDAP *) 0x100401130
        seber = (BerElement *) 0x0
        vrber = (BerElement *) 0x0
        syncber = (BerElement *) 0x0
        syncbvalp = (struct berval *) 0x0
        err = 0


Search was:

/opt/zimbra/openldap/bin/ldapsearch -LLL -D ... -w ... -H ldap://...:3268 -x -E
deref=member:mail "(CN=test)" mail

Segmentation fault (core dumped)

Prev by Date: Re: objectClass index from slapd.conf is not working
Next by Date: (ITS#6639) syncrepl failing using SASL/GSSAPI
Index(es):
- Chronological
- Thread