[PATCH] Fix crash on Samba AD DC LDAP server
Andrew Bartlett
abartlet at samba.org
Thu Jun 20 07:40:56 MDT 2013
G'Day,
As observant viewer of our samba list would have noticed Robin found a
bug in our LDAP server (segfault of the AD LDAP server, which is a
critical component):
> Running Mozilla Thunderbird connected to Samba4 LDAP (using an
> anonymous bind, if it matters) it is possible to search for entries.
> Searching for nothing, for example 'Email contains ', results in
> Samba4 crashing with the following error message:
>
> [2013/06/07 14:38:52, 0] ../lib/util/fault.c:72(fault_report)
> ===============================================================
> [2013/06/07 14:38:52, 0] ../lib/util/fault.c:73(fault_report)
> INTERNAL ERROR: Signal 11 in pid 10406 (4.0.6)
> Please read the Trouble-Shooting section of the Samba HOWTO
> [2013/06/07 14:38:52, 0] ../lib/util/fault.c:75(fault_report)
> ===============================================================
> [2013/06/07 14:38:52, 0] ../lib/util/fault.c:144(smb_panic_default)
> PANIC: internal error
>
> I ran Wireshark at the same time as running this query. The filter
> appeared to be:
> (&(&(mail=*)(displayName=*))(mail=[NULL]))
>
> But not trusting how Wireshark displays it, this is the relevant hex
> dump:
> a0 21 a0 13 87 04
> 6d 61 69 6c 87 0b
> 64 69 73 70 6c 61 79 4e 61 6d 65 a0 0a a4 08 04 04
> 6d 61 69 6c 30 00
Robin reports that the attached patch fixes it. Can I get it reviewed
so I don't miss the 4.0.7 cutoff?
My hope is that with this and the winbind fix in, 4.0.7 will be much
more solid for folks than earlier 4.0 releases have been, for the AD DC.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ldb-Ensure-not-to-segfault-on-a-filter-such-as-mail.patch
Type: text/x-patch
Size: 938 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130620/dbf7a361/attachment.bin>
More information about the samba-technical
mailing list