[sssd/f20] sssd_be crashes in nested LDAP code in case of ldap error

Lukas Slebodnik lslebodn at fedoraproject.org
Thu Jan 29 17:43:28 UTC 2015 

commit 0886869882c2dc067161d03b4f0b05bf67a66b17
Author: Lukas Slebodnik <lslebodn at redhat.com>
Date:   Thu Jan 29 18:28:18 2015 +0100

    sssd_be crashes in nested LDAP code in case of ldap error
    
    - Resolves: rhbz#1126557

 0003-Signals-Remove-unused-functions.patch    |  103 +++++++++++++++++++++++++
 0004-SDAP-return-after-tevent_req_error.patch |   30 +++++++
 0005-sudo-return-after-tevent_req_error.patch |   27 +++++++
 sssd.spec                                     |    9 ++-
 4 files changed, 168 insertions(+), 1 deletions(-)
---
diff --git a/0003-Signals-Remove-unused-functions.patch b/0003-Signals-Remove-unused-functions.patch
new file mode 100644
index 0000000..a7b69a8
--- /dev/null
+++ b/0003-Signals-Remove-unused-functions.patch
@@ -0,0 +1,103 @@
+From fea2d8c6aef70f1ba6f7528c261606eac4fcea1c Mon Sep 17 00:00:00 2001
+From: Simo Sorce <simo at redhat.com>
+Date: Sat, 9 Nov 2013 15:44:45 -0500
+Subject: [PATCH 3/5] Signals: Remove unused functions
+
+Cleanup unused signal functions
+
+(cherry picked from commit d054a96e102b53a3aab6602f531a0e8d254080ab)
+
+Reviewed-by: Jakub Hrozek <jhrozek at redhat.com>
+---
+ src/util/signal.c | 57 -------------------------------------------------------
+ src/util/util.h   |  2 --
+ 2 files changed, 59 deletions(-)
+
+diff --git a/src/util/signal.c b/src/util/signal.c
+index 053457b384a2a0c6a4cdc398fcfc602d63da13c7..bb8f8bef7681c0140671a3076a950a773f991b66 100644
+--- a/src/util/signal.c
++++ b/src/util/signal.c
+@@ -28,45 +28,6 @@
+  * @brief Signal handling
+  */
+ 
+-/****************************************************************************
+- Catch child exits and reap the child zombie status.
+-****************************************************************************/
+-
+-static void sig_cld(int signum)
+-{
+-	while (waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0)
+-		;
+-
+-	/*
+-	 * Turns out it's *really* important not to
+-	 * restore the signal handler here if we have real POSIX
+-	 * signal handling. If we do, then we get the signal re-delivered
+-	 * immediately - hey presto - instant loop ! JRA.
+-	 */
+-
+-#if !defined(HAVE_SIGACTION)
+-	CatchSignal(SIGCLD, sig_cld);
+-#endif
+-}
+-
+-/****************************************************************************
+-catch child exits - leave status;
+-****************************************************************************/
+-
+-static void sig_cld_leave_status(int signum)
+-{
+-	/*
+-	 * Turns out it's *really* important not to
+-	 * restore the signal handler here if we have real POSIX
+-	 * signal handling. If we do, then we get the signal re-delivered
+-	 * immediately - hey presto - instant loop ! JRA.
+-	 */
+-
+-#if !defined(HAVE_SIGACTION)
+-	CatchSignal(SIGCLD, sig_cld_leave_status);
+-#endif
+-}
+-
+ /**
+  Block sigs.
+ **/
+@@ -126,21 +87,3 @@ void (*CatchSignal(int signum,void (*handler)(int )))(int)
+ 	return signal(signum, handler);
+ #endif
+ }
+-
+-/**
+- Ignore SIGCLD via whatever means is necessary for this OS.
+-**/
+-
+-void CatchChild(void)
+-{
+-	CatchSignal(SIGCLD, sig_cld);
+-}
+-
+-/**
+- Catch SIGCLD but leave the child around so it's status can be reaped.
+-**/
+-
+-void CatchChildLeaveStatus(void)
+-{
+-	CatchSignal(SIGCLD, sig_cld_leave_status);
+-}
+diff --git a/src/util/util.h b/src/util/util.h
+index 7a668465e9226652fdc2a3ee71fd2ed2d1a989b3..b0a7692b5c84f58061e0df334c5f7c6de6324ced 100644
+--- a/src/util/util.h
++++ b/src/util/util.h
+@@ -227,8 +227,6 @@ void sig_term(int sig);
+ #include <signal.h>
+ void BlockSignals(bool block, int signum);
+ void (*CatchSignal(int signum,void (*handler)(int )))(int);
+-void CatchChild(void);
+-void CatchChildLeaveStatus(void);
+ 
+ /* from memory.c */
+ typedef int (void_destructor_fn_t)(void *);
+-- 
+2.1.0
+
diff --git a/0004-SDAP-return-after-tevent_req_error.patch b/0004-SDAP-return-after-tevent_req_error.patch
new file mode 100644
index 0000000..6b674a6
--- /dev/null
+++ b/0004-SDAP-return-after-tevent_req_error.patch
@@ -0,0 +1,30 @@
+From ceed6381189cc102dc0d1b253369344839312ec0 Mon Sep 17 00:00:00 2001
+From: Pavel Reichl <preichl at redhat.com>
+Date: Thu, 26 Jun 2014 16:42:53 +0100
+Subject: [PATCH 4/5] SDAP: return after tevent_req_error
+
+Don't call tevent_req_done after tevent_req_error (for the same request).
+
+Reviewed-by: Sumit Bose <sbose at redhat.com>
+---
+ src/providers/ldap/sdap_async_nested_groups.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/providers/ldap/sdap_async_nested_groups.c b/src/providers/ldap/sdap_async_nested_groups.c
+index 065eb1218534229f0c6d0c0ba08feba59f61603c..a8f8f412619167448dcb4c9cb6731c3833560c1e 100644
+--- a/src/providers/ldap/sdap_async_nested_groups.c
++++ b/src/providers/ldap/sdap_async_nested_groups.c
+@@ -1388,8 +1388,9 @@ static void sdap_nested_group_single_done(struct tevent_req *subreq)
+     talloc_zfree(subreq);
+     if (ret != EOK) {
+         DEBUG(SSSDBG_CRIT_FAILURE, "Error processing nested groups "
+-                                    "[%d]: %s", ret, strerror(ret));
++                                    "[%d]: %s\n.", ret, strerror(ret));
+         tevent_req_error(req, ret);
++        return;
+     }
+ 
+     tevent_req_done(req);
+-- 
+2.1.0
+
diff --git a/0005-sudo-return-after-tevent_req_error.patch b/0005-sudo-return-after-tevent_req_error.patch
new file mode 100644
index 0000000..2d065ae
--- /dev/null
+++ b/0005-sudo-return-after-tevent_req_error.patch
@@ -0,0 +1,27 @@
+From 9620767b6f2ee282ce78f14e1c7315814230973b Mon Sep 17 00:00:00 2001
+From: Pavel Reichl <preichl at redhat.com>
+Date: Thu, 26 Jun 2014 16:21:16 +0100
+Subject: [PATCH 5/5] sudo: return after tevent_req_error
+
+Don't call tevent_req_done after tevent_req_error (for the same request).
+
+Reviewed-by: Sumit Bose <sbose at redhat.com>
+---
+ src/responder/sudo/sudosrv_query.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/responder/sudo/sudosrv_query.c b/src/responder/sudo/sudosrv_query.c
+index 632afa712c9c08af7ed253f77705e35f49b6b039..4d19514cd63f432d7cee2bbfbece237fb56c5dec 100644
+--- a/src/responder/sudo/sudosrv_query.c
++++ b/src/responder/sudo/sudosrv_query.c
+@@ -364,6 +364,7 @@ static void sudosrv_parse_query_done(struct tevent_req *subreq)
+     talloc_free(subreq);
+     if (ret != EOK) {
+         tevent_req_error(req, ret);
++        return;
+     }
+ 
+     tevent_req_done(req);
+-- 
+2.1.0
+
diff --git a/sssd.spec b/sssd.spec
index 809ce86..4bfd49c 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -14,7 +14,7 @@
 
 Name: sssd
 Version: 1.11.7
-Release: 4%{?dist}
+Release: 5%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -25,6 +25,9 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 ### Patches ###
 Patch0001:  0001-sysdb_get_user_attr-use-fqn-for-subdomain-users.patch
 Patch0002:  0002-PAC-krb5_pac_verify-failures-should-not-be-fatal.patch
+Patch0003:  0003-Signals-Remove-unused-functions.patch
+Patch0004:  0004-SDAP-return-after-tevent_req_error.patch
+Patch0006:  0005-sudo-return-after-tevent_req_error.patch
 Patch0602:  0602-FEDORA-Add-CIFS-idmap-plugin.patch
 
 ### Dependencies ###
@@ -753,6 +756,10 @@ fi
 %postun -n libsss_idmap -p /sbin/ldconfig
 
 %changelog
+* Thu Jan 29 2015 Lukas Slebodnik <lslebodn at redhat.com> - 1.11.1-5
+- sssd_be crashes in nested LDAP code in case of ldap error
+- Resolves: rhbz#1126557
+
 * Thu Dec 11 2014 Jakub Hrozek <jhrozek at redhat.com> - 1.11.7-4
 - Backport an upstream patch to ignore PAC verification failures

More information about the scm-commits mailing list