When the query returns multiple groups, the function authz_dbd_group_query() returns the array containing pointers to the right number of groups, but all point the same string, the last group (entry) returned. W/in the for loop I changed the if statement to this: if (rv == 0) { group = apr_array_push(groups); *tstring = apr_dbd_get_entry(dbd->driver, row, 0); *group = apr_pcalloc(r->pool, strlen(*srwstring) + 1); strcpy(*group, *srwstring); *group = apr_dbd_get_entry(dbd->driver, row, 0); } Now the returned array (groups) contains an array of strings, each of which are at a newly allocated address. This solved the problem in my usage with apache 2.2.10. The function authz_dbd-group_query() didn't change in this area in the latest trunk copy in svn (to date). Thanks much, -Steve
I see a couple typos in my submission. The code should read: if (rv == 0) { group = apr_array_push(groups); *tstring = apr_dbd_get_entry(dbd->driver, row, 0); *group = apr_pcalloc(r->pool, strlen(*tstring) + 1); strcpy(*group, *tstring); *group = apr_dbd_get_entry(dbd->driver, row, 0); }
Which dbd driver are you using? Looking at current practice, most of them allocate memory in apr_dbd_get_entry and won't (or shouldn't) exhibit this bug. We need to ensure consistent practice there before patching httpd.
Ok, what I finally ended up with (after applying this change directly to the original modules) is this: char *tstring; if (rv == 0) { group = apr_array_push(groups); tstring = apr_dbd_get_entry(dbd->driver, row, 0); *group = apr_pcalloc(r->pool, strlen(tstring) + 1); strcpy(*group, tstring); } I'm using the mysql driver and have not tried this against any other. Interesting that the mysql driver might be reusing the same location to return each group but others are not.
This is confusing: the mysql driver returns memory from what appears to be an array returned by mysql, so doesn't look as if it should need copying. Anyway, I've just fixed mysql trunk to copy it. If noone shouts I can backport.
Extended patch committed in r1663647 + r1679181 + r1679182. Backport to 2.4.x proposed in r1679183. (See https://www.mail-archive.com/dev@httpd.apache.org/msg61895.html for details).
mod_authz_dbd is 2.4.x only...
This is part of the (unreleased) 2.4.13 backport in r1681107
*** Bug 58246 has been marked as a duplicate of this bug. ***