[Samba] tdb_expand overflow detected
Douglas Bagnall
douglas.bagnall at catalyst.net.nz
Thu Nov 21 21:32:10 UTC 2024
On 21/11/24 15:24, Dan Langille wrote:
>>>> net cache list
>>>>
>>>> will tell you what the cache thinks it contains. If it is filled with
>>>> real things, it could indicate where they're coming from. If it fails or
>>>> shows a cache full of nonsense, well that is also interesting.
>>>
>>> That is 161 lines of expired stuff.
>>
>> Yeah, I'm not sure how that adds to 4 billion.
>>
>> tdbtool /var/db/samba4/gencache.tdb
>> tdb> info
>>
>> will show lines describing the "smallest/average/largest" of various things.
>
> This is the file I moved away:
>
> [2:23 tm dvl ~] % sudo tdbtool ~/tmp/gencache.tdb
> tdb> info
> Size of file/data: 81919/9152
> Header offset/logical size: 81920/4294967295
It looks like tdb internally has a different idea of the file size than
the file system has. From an earlier message:
>>> The file size is close
>>>
>>> [22:44 tm dvl ~] % ls -l /var/db/samba4/gencache.tdb
>>> -rw-r--r-- 1 root wheel 4295049215 2024.11.18 13:26 /var/db/samba4/gencache.tdb
>>>
>>> 4295049215-4294967295 = 81,920
81920 is 0x14000.
4294967295 is 0xffffffff.
the actual file size is 0x100013fff.
My understanding of tdb (I am not an expert) is that it can only map in
a 32 bit size (up to 4294967295), so the extra stuff at the end is not
actually accessible.
What I think has happened is mmap() or something has somehow set an
extra bit, so the desired file size of 0x13fff becomes 0x100013fff,
after which tdb is in a state of confusion, refusing to add anything.
> Number of records: 161
> Incompatible hash: yes
> Active/supported feature flags: 0x00000001/0x00000001
> Robust mutexes locking: yes
> Smallest/average/largest keys: 19/39/61
> Smallest/average/largest data: 16/17/59
> Smallest/average/largest padding: 20/20/26
> Number of dead records: 0
> Smallest/average/largest dead records: 0/0/0
> Number of free records: 22
> Smallest/average/largest free records: 28/195223196/4294897995
Of course this largest free record looks a bit large, but I am guessing
this is an artifact rather than a cause.
The original message said:
> I'm using samba416-4.16.11 on FreeBSD 14.1 (on ZFS, in a jail, with quotas on those filesystems, etc)
This is a sparsely populated region. Maybe there is something in that
"etc" that might affect it?
Douglas
More information about the samba
mailing list