#307 htmladmin keeps segfaulting
Closed: Fixed None Opened 7 years ago by igmar.

htmladmin keeps segfaulting :

[Mon Feb 27 15:18:13 2012] [notice] [client 10.1.0.7] admserv_host_ip_check: ap_get_remote_host could not resolve 10.1.0.7, referer: http://10.1.0.6:7777/admin-serv/tasks/configuration/HTMLAdmin?op=framepaint
[Mon Feb 27 15:18:13 2012] [error] [client 10.1.0.7] Premature end of script headers: htmladmin, referer: http://10.1.0.6:7777/admin-serv/tasks/configuration/HTMLAdmin?op=framepaint

This is an epel binary :

389-admin-1.1.27-1.el6.x86_64

I also don't het the resolver error, since the host is in DNS, and does resolve :

[root@shell admin-serv]# nslookup 10.1.0.7
.....
7.0.1.10.in-addr.arpa name = rhevmgr.jdi.internal.

Any clues on how to solve this ? This is a test machine, so I can debug at will, and will be more than willing to het this issue out of the way.


Replying to [ticket:307 igmar]:

htmladmin keeps segfaulting :

Any clues on how to solve this ? This is a test machine, so I can debug at will, and will be more than willing to het this issue out of the way.

Please do

debuginfo-install 389-admin 389-adminutil

See also http://directory.fedoraproject.org/wiki/FAQ#Debugging_Crashes for information about how to allow core dumps. I'm not sure where admin server puts the core files. After you reproduce the crash after enabling core files, do a

find /usr//dirsrv /var//dirsrv -name core*

to find the core dump file. Then you can

gdb /usr/lib64/dirsrv/cgi-bin/htmladmin /path/to/core.pid

to get a stack trace

I'm seeing the same (?) segfault on Ubuntu, running the current stable releases. Backtrace is attached.

Replying to [comment:2 tjaalton]:

I'm seeing the same (?) segfault on Ubuntu, running the current stable releases. Backtrace is attached.

Thanks! In your case, the problem is that your hostname begins with a digit:

host=0x6792f0 "389ds.tyrell"

This runs afoul of the server_status() function:
if(!isdigit(host[0])) {
err = PR_GetHostByName(host,
buf,
PR_NETDB_BUF_SIZE,
&hent);
if(err == PR_FAILURE)
return -1;
}

That is certainly a bug in our code - it is perfectly valid to have digits in a hostname. However, in the original report, it looks as though the hostname begins with "r" so I don't think that's the whole problem.

hehe, there is no segfault here anymore once I installed with a valid hostname :)

Fix Description:
PR_GetHostByName was used to get PRHostEnt in htmladmin, but it
was called only when the first character of host was not digit.
The direct cause of the crash was the PRHostEnt variable to fill
in in PR_GetHostByName was not initialized, thus if the hostname
started with digit, the uninitialized, garbage address in the
variable was accessed, which crashed htmladmin.

This patch removes the hostname check and replaces PR_GetHostByName
with PR_GetAddrInfoByName to support IPv6 environment. Also, to
support numerical address, PR_StringToNetAddr is added before
trying PR_GetAddrInfoByName.

Another cgi statpingserv has the same coding style. It is being
fixed, too.

Steps to verify:
1. Install DS with the admin server with setup-ds-admin.pl.
2. Replace serverHostName with the IP address.
ldapmodify ... << EOM
dn: cn=slapd-<id>,cn=389 Directory Server,cn=Server Group,cn=<frdn>,ou=<domain>,o=NetscapeRoot
changetype: modify
replace: serverHostName
serverHostName: <ip_address>
3. Go to the admin server URL on a browser
4. Click "389 Administration Express" and login to the admin server.

If the 389 Administration Express page is successfully displayed, the bug is verified.

Reviewed by Mark (Thank you!!)

Pushed to master.

$ git merge trac307
Updating 00c2b18..26869af
Fast-forward
admserv/cgi-src40/htmladmin.c | 75 +++++++++++++++++++++------------
admserv/cgi-src40/statpingserv.c | 84 ++++++++++++++++++++------------------
2 files changed, 92 insertions(+), 67 deletions(-)

$ git push
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 1.99 KiB, done.
Total 6 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/admin.git
00c2b18..26869af master -> master

I'm having a different issue, which is conformed by running the lates version from git :

[root@shell log]# hostname
shell.c1.jdi.nl

It also doesn't seem to actually segfault, it doesn't give any output, hence the ISE. I've debugged the actual calling of the cgi-bin, and it is called as /usr/lib64/dirsrv/cgi-bin/htmladmin with no arguments. That gives from the commandline :

Content-type: text/html;charset=utf-8
<empty line="">

I'm not a bit clueless, because i'm not familiar with how it's suppose to work. Suggestions welcome

Replying to [comment:11 igmar]:

I'm having a different issue, which is conformed by running the lates version from git :

It means the patch 0001-Trac-Ticket-307-htmladmin-keeps-segfaulting.patch made your htmladmin stop working?

[root@shell log]# hostname
shell.c1.jdi.nl

What does this cl return?
nslookup shell.c1.jdi.nl

It also doesn't seem to actually segfault, it doesn't give any output, hence the ISE. I've debugged the actual calling of the cgi-bin, and it is called as /usr/lib64/dirsrv/cgi-bin/htmladmin with no arguments. That gives from the commandline :

Content-type: text/html;charset=utf-8
<empty line="">

This is normal...

I'm not a bit clueless, because i'm not familiar with how it's suppose to work. Suggestions welcome

Could you give us some more input?
. type of browser and its version
. When you get the empty page?
http://<adminhost>:<adminport>/
then click "389 Administration Express".
Do you see login box?
If yes, your login to the adminserver is successful?
. Have you tried clearing the cache of the browser and restarting it?
Sometimes, browser caches the old page...

Hello igmar,

Could there be any progress/findings?

Patched version works for me too (btw, 389-admin-1.1.28 is now in updates-testing/epel-testing - try it)

Noriko, was this issue fixed by
commit changeset:4ec23c03450d45639282c173d2e095c4023876bb/389-admin
Author: Noriko Hosoi nhosoi@totoro.sjc.redhat.com
Date: Fri Mar 23 13:13:08 2012 -0700

If htmladmin fails to connect to the server, the cgi could crash.

This patch checks the flag for the server status and avoids the
unnecessary free.

If so, I have released 389-admin-1.1.29 with this patch - can we close this ticket?

Replying to [comment:16 rmeggins]:

Noriko, was this issue fixed by
commit changeset:4ec23c03450d45639282c173d2e095c4023876bb/389-admin
Author: Noriko Hosoi nhosoi@totoro.sjc.redhat.com
Date: Fri Mar 23 13:13:08 2012 -0700

If htmladmin fails to connect to the server, the cgi could crash.

This patch checks the flag for the server status and avoids the
unnecessary free.

If so, I have released 389-admin-1.1.29 with this patch - can we close this ticket?

Rich, I ran into this htmladmin crash problem when htmladmin fails to connect to the Configuration Directory Server (my case, it was down). Yes, this bug could be happening in the igmar's environment. But this patch only fixes the double free. The cgi htmladmin is still failing to connect to the server unless the root cause is fixed...

igmar,

If you still have a problem accessing 389 Administration Express, could you check one another thing on your browser? I'm assuming you are using Firefox.

Please open "about:config" and search "network.dns.disableIPv6".
Is the value "false"? If so, please change it to "true" and restart your Firefox.

If so, I have released 389-admin-1.1.29 with this patch - can we close this ticket?

Since we don't hear any objections from the reporter, we are closing this ticket for now. Please reopen it if the problem is still with 389-admin-1.1.29.

Thanks!

originally targeted for 1.2.11.rc1, but actually in the 1.2.11.a1 release

Added initial screened field value.

Metadata Update from @nkinder:
- Issue assigned to nhosoi
- Issue set to the milestone: 1.2.11.a1

2 years ago

Login to comment on this ticket.

Metadata