Package: winbind
Version: 3.2.5-4
Severity: important
Tags: patch
Using winbind component to retrieve users from an ADS server causes winbind to
daily crash.
We have bypassed the problem by restarting the server at night. However, this
does not solve
the issue since it is usually required an another restart.
Attached it is the backtrace of the winbind server:
winbindd: error.c:272: ldap_parse_result: Assertion `r != ((void *)0)' failed.
[2009/04/05 02:11:01, 0] lib/fault.c:fault_report(40)
===============================================================
[2009/04/05 02:11:01, 0] lib/fault.c:fault_report(41)
INTERNAL ERROR: Signal 6 in pid 20777 (3.2.5)
Please read the Trouble-Shooting section of the Samba3-HOWTO
[2009/04/05 02:11:01, 0] lib/fault.c:fault_report(43)
From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2009/04/05 02:11:01, 0] lib/fault.c:fault_report(44)
===============================================================
[2009/04/05 02:11:01, 0] lib/util.c:smb_panic(1663)
PANIC (pid 20777): internal error
[2009/04/05 02:11:01, 0] lib/util.c:log_stack_trace(1767)
BACKTRACE: 25 stack frames:
#0 /usr/sbin/winbindd(log_stack_trace+0x1c) [0x4e1cbd]
#1 /usr/sbin/winbindd(smb_panic+0x5b) [0x4e1dcb]
#2 /usr/sbin/winbindd [0x4d1064]
#3 /lib/libc.so.6 [0x7fd2c5d61f60]
#4 /lib/libc.so.6(gsignal+0x35) [0x7fd2c5d61ed5]
#5 /lib/libc.so.6(abort+0x183) [0x7fd2c5d633f3]
#6 /lib/libc.so.6(__assert_fail+0xe9) [0x7fd2c5d5adc9]
#7 /usr/lib/libldap_r-2.4.so.2 [0x7fd2c66b690d]
#8 /usr/sbin/winbindd [0x5fa099]
#9 /usr/sbin/winbindd(ads_do_search_all_args+0x87) [0x5fa4a9]
#10 /usr/sbin/winbindd [0x5ffdc4]
#11 /usr/sbin/winbindd(ads_do_search_retry+0x13) [0x600808]
#12 /usr/sbin/winbindd(ads_search_retry+0x1e) [0x600851]
#13 /usr/sbin/winbindd [0x478838]
#14 /usr/sbin/winbindd [0x4638ea]
#15 /usr/sbin/winbindd(winbindd_dual_list_users+0x6e) [0x47eb4b]
#16 /usr/sbin/winbindd [0x47be1f]
#17 /usr/sbin/winbindd [0x47bfcd]
#18 /usr/sbin/winbindd(async_request+0x18a) [0x47d133]
#19 /usr/sbin/winbindd(async_domain_request+0x49) [0x47d27d]
#20 /usr/sbin/winbindd [0x45b018]
#21 /usr/sbin/winbindd(rescan_trusted_domains+0x46) [0x45b358]
#22 /usr/sbin/winbindd(main+0xc43) [0x452595]
#23 /lib/libc.so.6(__libc_start_main+0xe6) [0x7fd2c5d4e1a6]
#24 /usr/sbin/winbindd [0x4504f9]
After looking in bugs.debian.org seems another user reported this issue:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484235#150
Looking at the sources the problem is located at a call to
ldap_search_with_timeout
in samba-3.2.5/source/libads/ldap.c:769
This function returns a NULL reference to result (res) causing the function
ldap_parse_result (samba-3.2.5/source/libads/ldap.c:783) to assert due to
NULL reference because.
The fix is to also check for NULL reference before calling to
ldap_parse_result.
Attached patch.
-- System Information:
Debian Release: lenny/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.27 (SMP w/2 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- ldap.c 2009-04-07 12:20:50.000000000 +0200
+++ ldap-modified.c 2009-04-07 12:20:44.000000000 +0200
@@ -774,7 +774,7 @@
ber_free(cookie_be, 1);
ber_bvfree(cookie_bv);
- if (rc) {
+ if (rc || res == NULL) {
DEBUG(3,("ads_do_paged_search_args:
ldap_search_with_timeout(%s) -> %s\n", expr,
ldap_err2string(rc)));
goto done;
