Bug 36563 - mod_ldap caching breaks when value is NULL
mod_ldap caching breaks when value is NULL
Status: RESOLVED FIXED
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ldap
2.0.54
Other other
: P2 major with 1 vote (vote)
: ---
Assigned To: Apache HTTPD Bugs Mailing List
: PatchAvailable
Depends on:
Blocks:
  Show dependency tree
 
Reported: 2005-09-08 21:48 UTC by Ondrej Sury
Modified: 2005-09-23 08:27 UTC (History)
0 users



Attachments
Backported patch to fix invalid cache content handling (4.17 KB, patch)
2005-09-16 23:04 UTC, Ondrej Sury
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ondrej Sury 2005-09-08 21:48:59 UTC
I am author of mod_vhost_ldap (second module based on mod_ldap :-) and I found
some rather nasty bug in mod_ldap caching.

There is error in caching, when any attribute returned from LDAP is null, then
mod_ldap caches only attributes fetched before this null attribute.

Example from logs:
(first run)
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(383): [client 172.16.21.2]
[mod_vhost_ldap.c]: dn:
apacheServerName=000001.tld,ou=VHosts,ou=web,dc=active24,dc=com
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheServerName: 000001.tld
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheServerAdmin: (null)
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheDocumentRoot: /var/www/00/10/04/000001.tld/www/
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheScriptAlias:
/var/www/00/10/04/000001.tld/cgi-bin
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheSuexecUid: 1004
[Thu Sep 08 21:30:13 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheSuexecGid: 1004

(second run -> results from cache)
[Thu Sep 08 21:30:18 2005] [debug] mod_vhost_ldap.c(383): [client 172.16.21.2]
[mod_vhost_ldap.c]: dn:
apacheServerName=000001.tld,ou=VHosts,ou=web,dc=active24,dc=com
[Thu Sep 08 21:30:18 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheServerName: 000001.tld
[Thu Sep 08 21:30:18 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheServerAdmin: (null)
[Thu Sep 08 21:30:18 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheDocumentRoot: (null)
[Thu Sep 08 21:30:18 2005] [debug] mod_vhost_ldap.c(395): [client 172.16.21.2]
[mod_vhost_ldap.c]: processing apacheScriptAlias: (null)
[Thu Sep 08 21:30:19 2005] [notice] child pid 3379 exit signal Segmentation
fault (11)

Quick workaround is to move attributes which can be NULL to end or to define
_all_ attributes in LDAP.

Corect way is to fix this bug in mod_ldap.  Since structure is returned ok on
first run I think that there is a way how to fix it.

I will look on this when I have some time.

Ondrej.
P.S.: Tested on 2.0.53, but I have checked 2.0.54 ChangeLog and diffs and it
includes only addition of LDAPConnectionTimeout.
Comment 1 Brad Nicholes 2005-09-08 23:51:53 UTC
  This has been fixed in Apache 2.1 rev. 156587 but never backported to Apache 
2.0.

*** This bug has been marked as a duplicate of 33901 ***
Comment 2 Ondrej Sury 2005-09-09 09:38:59 UTC
Will you accept backported patch if I prepare it?

Ondrej
Comment 3 Brad Nicholes 2005-09-09 17:01:58 UTC
  Sure.  It will have to be proposed for backport, reviewed and accepted by a 
vote before it actually makes it into the code.  But it can certainly be done.
Comment 4 Ondrej Sury 2005-09-16 23:04:42 UTC
Created attachment 16429 [details]
Backported patch to fix invalid cache content handling
Comment 5 Ondrej Sury 2005-09-16 23:06:18 UTC
Hi,
I have created backport of fix for correct cache items handling if they include
NULL values, thus reopening bug and changing severity to wishlist.

Ondrej.
P.S.: If this is not correct way how to propose backport then bang me :-)
Comment 6 Brad Nicholes 2005-09-17 01:06:25 UTC
Proposed for backport to 2.0.  Waiting for votes.
Comment 7 Ondrej Sury 2005-09-19 15:10:01 UTC
Changing severity to Major, since this bug is not as harmless as I thought to be.
There is memory leak in util_ldap_search_node_free().  Only items before first
item with NULL value are freed, and rest of items are left in cache.
Comment 8 Brad Nicholes 2005-09-23 16:27:47 UTC
Backported to 2.0.55