SEGV in smbstatus on 4.9.18, 4.10.18, 4.11.17 on Solaris 10/SPARC, 11/SPARC

Tue Jan 12 15:28:09 UTC 2021

On Tue, Jan 12, 2021 at 07:39:02AM -0600, Albert Chin via samba-technical wrote:
> We're running 4.9.18, 4.10.18, and 4.11.17 on Solaris 10/SPARC and
> 11/SPARC and are seeing a SEGV when running smbstatus. In
> lib/tdb/common/open.c, we have:
>   _PUBLIC_ int tdb_close(struct tdb_context *tdb)
>   {
>           ...
>           tdb_mutex_munmap(tdb);
> 
>           SAFE_FREE(tdb->name);
>           ...
>   }
> 
> And in lib/tdb/common/mutex.c, we have:
>   int tdb_mutex_munmap(struct tdb_context *tdb)
>   {
>           ...
>           ret = munmap(tdb->mutexes, len);
>           if (ret == -1) {
>                   return -1;
>           }
>           ...
>   }

If I wrap the above with:
  if (tdb->mutexes) {
    ret = munmap(tdb->mutexes, len);
    if (ret == -1) {
      return -1;
    }
  }
then the SEGV goes away. But, is this simply papering over the real
problem?

-- 
albert chin (china at thewrittenword.com)