[Bug 63305] New: Segmentation fault in mod_ldap on gracefull reload

Sun, 31 Mar 2019 23:35:29 -0700 

https://bz.apache.org/bugzilla/show_bug.cgi?id=63305

            Bug ID: 63305
           Summary: Segmentation fault in mod_ldap on gracefull reload
           Product: Apache httpd-2
           Version: 2.4.23
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ldap
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Created attachment 36505
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36505&action=edit
Solve the issue

Our server using our closed source variant of mod_authnz_ldap (mod_agwldap)
which is using mod_ldap. Server is heavy loaded and is reloaded once per hour
to change CRL (certificate revocation list) to use TLS client certificate
authentication. LDAP contains more then one million users. Mod_ldap is
configured to use shared cache. On reload there is intermittent sig seg crash.
Crash can be simulated on load test with 1600 different users and 20 threads,
when server is reloaded every 3 second (only for load test purpose).
Back trace (some times crash is in different location):

#0 util_ldap_search_node_free (cache=0x7f3bb9e3f030, n=0x74696c6d79473132) at
util_ldap_cache.c:202
#1 0x00007f3bbe245bc0 in util_ald_destroy_cache (cache=0x7f3bb9e3f030) at
util_ldap_cache_mgr.c:412
#2 0x00007f3bbe244c3d in util_ldap_url_node_free (cache=0x7f3bb9e1e038,
n=0x7f3bb9e57a80) at util_ldap_cache.c:73
#3 0x00007f3bbe245bc0 in util_ald_destroy_cache (cache=0x7f3bb9e1e038) at
util_ldap_cache_mgr.c:412
#4 0x00007f3bbe244d6d in util_ldap_cache_module_kill (data=0x7f3bc4d99548) at
util_ldap_cache.c:402
#5 0x00007f3bc42d403e in apr_pool_destroy () from /usr/lib64/libapr-1.so.0
#6 0x00007f3bc42d4295 in apr_pool_clear () from /usr/lib64/libapr-1.so.0
#7 0x0000558a6b72bd6d in main (argc=18, argv=0x7ffdd1e726b8) at main.c:713

void util_ldap_search_node_free(util_ald_cache_t *cache, void *n)
{
int i = 0;
util_search_node_t *node = n;
**int k = node->numvals;**

if (node->vals) {
for (;k;k--,i++) {
if (node->vals[i]) {
util_ald_free(cache, node->vals[i]);
}
}
util_ald_free(cache, node->vals);
}
util_ald_free(cache, node->username);
util_ald_free(cache, node->dn);
util_ald_free(cache, node->bindpw);
util_ald_free(cache, node);
}

Patch wich solve the issue (against branch 2.4.x) is included. We believe that
error is inside mod_ldap and not inside our mod_agwldap. We tried newest
mod_ldap (trunk) without luck. When patch is applayed there is no crashes
inside load test.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to