un-initalised value use in samba3 LDAP group mapping

Adam Tauno Williams awilliam at whitemice.org
Wed Nov 9 14:40:35 MST 2011

On Wed, 2011-11-09 at 08:24 +1100, Andrew Bartlett wrote:
> On Tue, 2011-11-08 at 08:35 -0500, Adam Tauno Williams wrote:
> > On Tue, 2011-11-08 at 23:21 +1100, Andrew Bartlett wrote:
> > > On Mon, 2011-11-07 at 09:39 -0500, Adam Tauno Williams wrote:
> > > > > Output of the valgrind is attached.
> > > > And this one is with the correct path to samba-tool. :)
> > > > valgrind /usr/bin/python /opt/s4/sbin/samba-tool domain samba3upgrade  
> > > > --dbdir=/tmp/x  /tmp/x/smb.conf
> > > > > linux-hvej:~ # /opt/s4/sbin/samba --version
> > > > > Version 4.0.0alpha18-GIT-1d53109
> > > Using that git revision and the dataset from 'make test', I can
> > > reproduce (at least as far as an invalid read, but not an un-initialised
> > > read) the issue with the SDDL library, but it appears to be due to
> > > strspn in glibc reading beyond the NULL terminator. 
> > > So, the question really is, what is different about your setup?  
> > > Can you also try with the additional valgrind option --track-origins=yes
> > 
> > valgrind --track-origins=yes /usr/bin/python /opt/s4/sbin/samba-tool
> > domain samba3upgrade --dbdir=/tmp/x  /tmp/x/smb.conf 2>valgrind.out
> Can you run:
> valgrind --track-origins=yes bin/net groupmap list -s tmp/x/smb.conf 
> Also, can you run both commands at some point before commit
> 995d1567265be178b4e45f79ea4562a7041ffa52, as I think there may be an
> issue with the change to remove fstrings from the struct GROUP_MAP.

I've still got to do both the above, but the attached patches did fix
the import problem.  It now goes on to a provisioning error but that may
be an error in our daya.

> The problem we have here is that the LDAP backend is not tested in 'make
> test', and so is tricky to avoid regressions with. 
> I've also attached two patches to (I hope) fix the issue, if you could
> please test them.  

# git pull
# git clean -d -f -x
# ./configure.developer --prefix=/opt/s4
# make
# make install
--- Test domain upgrade, fails same as before
# patch -p1
< /tmp/0001-s3-passdb-Initialise-the-correct-level-of-pointer-de.patch 
patching file source3/passdb/pdb_ldap.c
# patch -p1 < /tmp/000
# patch -p1
< /tmp/0002-s3-py_passdb-Ensure-that-group-mapping-list-input-is.patch 
patching file source3/passdb/py_passdb.c
# make
[ 161/3913] Generating smbd/build_options.c
[3057/3913] Compiling source3/passdb/pdb_ldap.c
[3064/3913] Compiling source3/passdb/py_passdb.c
[3481/3913] Linking default/source3/libpdb.so
[3488/3913] Linking default/examples/pdb/libpdb-test.so
# make install
# samba-tool domain samba3upgrade --dbdir=/tmp/x  /tmp/x/smb.conf
Reading smb.conf
no talloc stackframe around, leaking memory
Exporting account policy
Exporting groups
Exporting users
  Skipping wellknown rid=500 (for username=root)
  Skipping inter-domain trust from domain micore, this trust must be
re-created as an AD trust
Next rid = 10051
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=micore,DC=us
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Adding DNS accounts
Populating CN=MicrosoftDNS,CN=System,DC=micore,DC=us
rndc: connect failed: connection refused
rndc: connect failed: connection refused
See /opt/s4/private/named.conf for an example configuration include file
for BIND
and /opt/s4/private/named.txt for further documentation required for
secure DNS updates
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated
at /opt/s4/private/krb5.conf
Please install the phpLDAPadmin configuration located
at /opt/s4/private/phpldapadmin-config.php
into /etc/phpldapadmin/config.php
Once the above files are installed, your Samba4 server will be ready to
Server Role:           domain controller
Hostname:              BARBEL
NetBIOS Domain:        BACKBONE
DNS Domain:            micore.us
DOMAIN SID:            S-1-5-21-2037442776-3290224752-88127236
Admin password:        None
Importing WINS database
Importing Account policy
Importing idmap database
Cannot open idmap database, Ignoring: [Errno 2] No such file or
Ignoring unknown parameter "server role"
Importing groups
Group already exists sid=S-1-5-21-2037442776-3290224752-88127236-514,
groupname=Domain Guests existing_groupname=Domain Guests, Ignoring.
Group already exists sid=S-1-5-32-544, groupname=Administrators
existing_groupname=Administrators, Ignoring.
Group already exists sid=S-1-5-32-550, groupname=Print Operators
existing_groupname=Print Operators, Ignoring.
Group already exists sid=S-1-5-21-2037442776-3290224752-88127236-512,
groupname=Domain Admins existing_groupname=Domain Admins, Ignoring.
Importing users
Adding users to groups
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception -
ProvisioningError: Could not add member
'S-1-5-21-2037442776-3290224752-88127236-1062' to group
'S-1-5-21-2037442776-3290224752-88127236-514' as either group or user
record doesn't exist: Unable to find GUID for DN 

  File "/opt/s4/lib64/python2.7/site-packages/samba/netcmd/__init__.py",
line 167, in _run
    return self.run(*args, **kwargs)
  File "/opt/s4/lib64/python2.7/site-packages/samba/netcmd/domain.py",
line 633, in run
  File "/opt/s4/lib64/python2.7/site-packages/samba/upgrade.py", line
694, in upgrade_from_samba3
    add_users_to_group(result.samdb, g, groupmembers[g.nt_name], logger)
  File "/opt/s4/lib64/python2.7/site-packages/samba/upgrade.py", line
236, in add_users_to_group
    raise ProvisioningError("Could not add member '%s' to group '%s' as
either group or user record doesn't exist: %s" % (member_sid, group.sid,

More information about the samba-technical mailing list