[Pkg-samba-maint] Bug#522907: Bug#522907: winbind: Winbind daily crashes, possible fix to bug #483235

Christian Perrier bubulle at debian.org
Tue Apr 21 06:16:50 UTC 2009 

forwarded 522907 https://bugzilla.samba.org/show_bug.cgi?id=6279
tags 522907 lenny patch
thanks

Quoting Francis Brosnan Blazquez (francis at aspl.es):

> Taking the backtrace and the data I've provided it's more than clear it
> does fix the bug.
> 
> Anyway, just to confirm the bug keeps on breaking winbind instances with
> latest winbind (samba) version: 3.2.5-4lenny2.
> 
> Digging more into the problem, it is clear that the winbind/libads check
> done at line (samba-3.2.5/source/libads/ldap.c:777) is wrong because
> ldap_search_ext_s (the function used by libads's
> ldap_search_with_timeout) may return zero in cases where a timeout is
> found.
> 
> Please check openldap_2.4.11.orig/libraries/libldap/search.c:144 to see
> how it is implemented (openldap) ldap_search_ext_s.
> 
> As a consequence, libads code is not properly checking the result
> returned by ldap_search_with_timeout, and it must also check for NULL
> reference as the patch suggest (not only the rc value).
> 
> I've checked official source code from samba 3.3.3 and 3.2.11 and the
> error is still there. I've placed a bug report at:
> 
> https://bugzilla.samba.org/show_bug.cgi?id=6279


Thanks for all that work...that makes our work much easier..:-)

Recording this as fixed in lenny.

Reading the upstream bug, I can't really confirm that Jeremy's patch
is working more than you did. So, if Jeremy's patch is fixing the
problem, then we should apply it.

From the bug's description, I think it's worth fixing.



-------------- next part --------------
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 9eae2d4..8c37bfb 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -118,6 +118,10 @@ static int ldap_search_with_timeout(LDAP *ld,
 	if (gotalarm != 0)
 		return LDAP_TIMELIMIT_EXCEEDED;
 
+	if (*res == NULL) {
+		return LDAP_TIMELIMIT_EXCEEDED;
+	}
+
 	return result;
 }
 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20090421/e47cf04d/attachment.pgp>

More information about the Pkg-samba-maint mailing list