Bugs item #455156, was opened at 2001-08-24 17:26 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=103152&aid=455156&group_id=3152
Category: Modules: nsperm (Permissions) Group: aolserver3_4 Status: Open Resolution: None Priority: 5 Submitted By: Jeff Rogers (dvrsn) >Assigned to: Kriston Rehberg (kriston) Summary: segfault in nsperm Initial Comment: If the configuration parameter SkipLocks is "on" (the default) then calling "ns_perm checkpass user pass" with a user that exists (regardless of whether the password is correct or not) will segfault the server. The reason is quite simple: the mutex in the users TclHashTable is not initialized if skiplocks is set, but UserAuthProc does not check if skiplocks is set before attempting to lock the mutex. Checking skiplocks before attempting to manipulate the mutex (as its done nearly everywhere else in the code) fixes the segfault. SetPassCmd is similarly broken, but it should probably not be allowed at all if skiplocks is set. Also, Ns_MutexLock and Ns_LockMutex are both used (similarly for Unlock); it seems that the first should be preferres as LockMutex is from the 2.x compatability code. These reasons are likely partly behind the complete rewrite of nsperm for 4.x, but that has not yet been released and people running 3.4 or earlier may want to know about this problem. ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=103152&aid=455156&group_id=3152
