#49736 Hardening of active connection list
Opened a year ago by tbordaz. Modified a year ago

Issue Description

If connection->c_refcnt contains an invalid value (to low) when a thread (operation or nunc-stans callback) release the connection it can find that the connection was not accounting it.
It can create messages like

connection_release_nolock_ext - conn=0 fd=0 Attempt to release connection that is not acquired

under rare circumstance it can lead to several attempts to move the connection off the active list.
that crash the server

#0  0x0000564ef1c47b0a in connection_table_move_connection_out_of_active_list (ct=0x564ef38af280, c=c@entry=0x564ef4478a80) at ldap/servers/slapd/conntable.c:268
#1  0x0000564ef1c4a083 in ns_handle_closure_nomutex (c=c@entry=0x564ef4478a80) at ldap/servers/slapd/daemon.c:1645
#2  0x0000564ef1c4a0e2 in ns_handle_closure (job=0x564ef48e3b30) at ldap/servers/slapd/daemon.c:1672
#3  0x00007efe048b4c89 in work_job_execute (job=0x564ef48e3b30) at src/nunc-stans/ns/ns_thrpool.c:291
#4  0x00007efe048b5be3 in event_cb (fd=<optimized out>, event=<optimized out>, arg=<optimized out>) at src/nunc-stans/ns/ns_event_fw_event.c:118
#5  0x00007efe01905a14 in event_base_loop () at /lib64/libevent-2.0.so.5
#6  0x00007efe048b5eae in ns_event_fw_loop (ns_event_fw_ctx=<optimized out>)  at src/nunc-stans/ns/ns_event_fw_event.c:308
#7  0x00007efe048b4ac9 in event_loop_thread_func (arg=0x564ef39a8cc0) at src/nunc-stans/ns/ns_thrpool.c:581
#8  0x00007efe01d75dd5 in start_thread () at /lib64/libpthread.so.0
#9  0x00007efe01421e9d in clone () at /lib64/libc.so.6

This ticket is to prevent the crash.

Package Version and Platform

Since 7.4 (introduction of Nunc-Stans)

Steps to reproduce

No identified reproducer.

Actual results

Crash

Expected results

no crash


Metadata Update from @tbordaz:
- Issue assigned to tbordaz

a year ago

Metadata Update from @tbordaz:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue set to the milestone: 1.4.0

a year ago

commit b0e0580

7ff19c6..9475c81 389-ds-base-1.3.8 -> 389-ds-base-1.3.8

770cfd8..9f45f62 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to ack (was: None)

a year ago

Login to comment on this ticket.

Metadata