Full_Name: Rein Tollevik
Version: 2.4.8
OS:
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (84.215.2.34)
The attached patch fixes a seg. fault in compare_csns() in syncrepl.c if it
receives a sync cookie with an empty "csn=" value.
syncprov_playlog() in syncprov.c generates such invalid cookies when replaying a
sessionlog where no entries has been deleted. The patch also fixes this bug.
Rein Tollevik
Basefarm AS
Index: OpenLDAP/servers/slapd/syncrepl.c
diff -u OpenLDAP/servers/slapd/syncrepl.c:1.6
OpenLDAP/servers/slapd/syncrepl.c:1.7
--- OpenLDAP/servers/slapd/syncrepl.c:1.6 Fri Mar 14 16:27:41 2008
+++ OpenLDAP/servers/slapd/syncrepl.c Tue Mar 18 17:15:30 2008
@@ -669,8 +669,8 @@
return -1;
}
- for (i=0; !BER_BVISNULL( &sc1->ctxcsn[i] ); i++) {
- for (j=0; !BER_BVISNULL( &sc2->ctxcsn[j] ); j++) {
+ for (i=0; !BER_BVISEMPTY( &sc1->ctxcsn[i] ); i++) {
+ for (j=0; !BER_BVISEMPTY( &sc2->ctxcsn[j] ); j++) {
if ( sc1->sids[i] != sc2->sids[j] )
continue;
value_match( &match, slap_schema.si_ad_entryCSN,
Index: OpenLDAP/servers/slapd/overlays/syncprov.c
diff -u OpenLDAP/servers/slapd/overlays/syncprov.c:1.5
OpenLDAP/servers/slapd/overlays/syncprov.c:1.6
--- OpenLDAP/servers/slapd/overlays/syncprov.c:1.5 Fri Mar 14 16:23:48 2008
+++ OpenLDAP/servers/slapd/overlays/syncprov.c Tue Mar 18 17:22:41 2008
@@ -1413,8 +1413,7 @@
num * UUID_LEN, op->o_tmpmemctx );
uuids[0].bv_val = (char *)(uuids + num + 1);
- delcsn[0].bv_len = 0;
- delcsn[0].bv_val = cbuf;
+ BER_BVZERO(&delcsn[0]);
BER_BVZERO(&delcsn[1]);
/* Make a copy of the relevant UUIDs. Put the Deletes up front
@@ -1453,6 +1452,7 @@
i++;
AC_MEMCPY( cbuf, se->se_csn.bv_val, se->se_csn.bv_len );
delcsn[0].bv_len = se->se_csn.bv_len;
+ delcsn[0].bv_val = cbuf;
delcsn[0].bv_val[delcsn[0].bv_len] = '\0';
} else {
nmods++;
