openldap-server exit on signal 6 on 11.1 (and not in 10.3)

[Xin LI]

Hi,


On Fri, Feb 9, 2018 at 12:33 AM joris dedieu <joris.dedieu at gmail.com> wrote:

> Dear porters,
>
> While moving from 10.3 to 11.1, I get an issue on openldap execution.
> slapd dies (pid 29087 (slapd), uid 389: exited on signal 6) on some
> complex but reproducible operations.
>
> We worked around this bug by returning less elements from the request.
> While my dear colleges are trying to write a script to reproduce the
> issue, I investigate system side.
>
>
> In /var/log/messages, I got slapd[4909]: stack overflow detected;
> terminated
>
> The only trace I get
>
> #0  0x0000000801f7a71a in kill () from /lib/libc.so.7
> #1  0x0000000801f7a6d0 in __stack_chk_fail () from /lib/libc.so.7
> #2  0x0000000801f7a640 in __stack_chk_fail () from /lib/libc.so.7
> #3  0x00000000004466e6 in do_modify ()
> #4  0x00000000004308d5 in connection_assign_nextid ()
> #5  0x00000000004300dd in connection_read_activate ()
> #6  0x0000000800956ffa in ldap_pvt_thread_pool_submit () from
> /usr/local/lib/libldap_r-2.4.so.2
> #7  0x0000000801c71bc5 in pthread_create () from /lib/libthr.so.3
> #8  0x0000000000000000 in ?? ()
>

​I have never seen this on my own systems.


> I suspect it's relative to -fstack-protector-strong  which is the
> default since FreeBSD 11.0. Do you think I should rebuild all the
> world this opion ?
>

Is the slapd binary from 10.3 (still considered a bug in this case), or
have you rebuilt it?  If you have coredumps, please try to collect
additional information on do_modify() as this might indicate a security
issue as well.  Reporting this to upstream (openldap.org) would usually be
helpful if you believe it's an OpenLDAP bug.

Cheers,​



>
> I also thought on fdatasync
>
>  .if ${OSVERSION} < 1101000
> CFLAGS+=                -DMDB_DSYNC=O_SYNC -Dfdatasync=fsync
> .endif
>
> I'm currently investigating on this changes.
>
> The issue disappear when slapd is compiled with debugging symbols
> (WITH_DEBUG=YES). As far as I understand, this only cause -g flag to
> be added to CFLAGS. Does WITH_DEBUG also disable some compiler
> optimization  ?
>
> Any thought on all this is welcomed
>
> Joris
>
>
> Openldap options :
> Name           : openldap-sasl-server
> Version        : 2.4.45_4
> Installed on   : Thu Feb  8 16:16:45 2018 CET
> Origin         : net/openldap24-server
> Architecture   : FreeBSD:11:amd64
> Prefix         : /usr/local
> Categories     : databases net
> Licenses       : OPENLDAP
> Maintainer     : delphij at FreeBSD.org
> WWW            : http://www.OpenLDAP.org/
> Comment        : Open source LDAP server implementation
> Options        :
>     ACCESSLOG      : on
>     ACI            : off
>     AUDITLOG       : off
>     BDB            : off
>     COLLECT        : off
>     CONSTRAINT     : off
>     DDS            : off
>     DEBUG          : off
>     DEREF          : off
>     DNSSRV         : off
>     DYNACL         : off
>     DYNAMIC_BACKENDS: on
>     DYNGROUP       : off
>     DYNLIST        : off
>     FETCH          : off
>     GSSAPI         : on
>     KQUEUE         : off
>     LASTBIND       : off
>     LMPASSWD       : off
>     MDB            : on
>     MEMBEROF       : off
>     ODBC           : off
>     OUTLOOK        : off
>     PASSWD         : off
>     PERL           : off
>     PPOLICY        : on
>     PROXYCACHE     : off
>     REFINT         : off
>     RELAY          : off
>     RETCODE        : off
>     RLOOKUPS       : off
>     RWM            : off
>     SASL           : on
>     SEQMOD         : off
>     SHA2           : off
>     SHELL          : off
>     SLAPI          : off
>     SLP            : off
>     SMBPWD         : off
>     SOCK           : off
>     SSSVLV         : off
>     SYNCPROV       : on
>     TCP_WRAPPERS   : off
>     TRANSLUCENT    : off
>     UNIQUE         : off
>     VALSORT        : off
>