Learn more about these different git repos.
Other Git URLs
Function sysdb_attrs_get_el_ext uses talloc_realloc. Realloc can return memory which does not have the same base address as argument ptr. Old pointer can refer to the wrong area. It can cause crash which could be difficult to reproduce.
==24061== Invalid read of size 4 ==24061== at 0x131B0B49: ipa_get_netgroups_process (ipa_netgroups.c:374) ==24061== by 0x145B1162: sdap_get_generic_ext_done (sdap_async.c:1463) ==24061== by 0x145B075F: sdap_process_result (sdap_async.c:356) ==24061== by 0x4C2FFBE: tevent_common_loop_timer_delay (tevent_timed.c:341) ==24061== by 0x4C30FC9: epoll_event_loop_once (tevent_epoll.c:912) ==24061== by 0x4C2F6B6: std_event_loop_once (tevent_standard.c:112) ==24061== by 0x4C2BF2C: _tevent_loop_once (tevent.c:530) ==24061== by 0x4C2C0CA: tevent_common_loop_wait (tevent.c:634) ==24061== by 0x4C2F656: std_event_loop_wait (tevent_standard.c:138) ==24061== by 0x805DEC2: server_loop (server.c:587) ==24061== by 0x10E452: main (data_provider_be.c:2817) ==24061== Address 0x17c5bd10 is 272 bytes inside a block of size 288 free'd ==24061== at 0x4A083AA: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==24061== by 0x4E3F20D: _talloc_realloc (talloc.c:1803) ==24061== by 0x804150E: sysdb_attrs_get_el_ext (sysdb.c:317) ==24061== by 0x131B0AD0: ipa_get_netgroups_process (ipa_netgroups.c:355) ==24061== by 0x145B1162: sdap_get_generic_ext_done (sdap_async.c:1463) ==24061== by 0x145B075F: sdap_process_result (sdap_async.c:356) ==24061== by 0x4C2FFBE: tevent_common_loop_timer_delay (tevent_timed.c:341) ==24061== by 0x4C30FC9: epoll_event_loop_once (tevent_epoll.c:912) ==24061== by 0x4C2F6B6: std_event_loop_once (tevent_standard.c:112) ==24061== by 0x4C2BF2C: _tevent_loop_once (tevent.c:530) ==24061== by 0x4C2C0CA: tevent_common_loop_wait (tevent.c:634) ==24061== by 0x4C2F656: std_event_loop_wait (tevent_standard.c:138) ==24061== ==24061== Invalid read of size 4 ==24061== at 0x131B0B64: ipa_get_netgroups_process (ipa_netgroups.c:375) ==24061== by 0x145B1162: sdap_get_generic_ext_done (sdap_async.c:1463) ==24061== by 0x145B075F: sdap_process_result (sdap_async.c:356) ==24061== by 0x4C2FFBE: tevent_common_loop_timer_delay (tevent_timed.c:341) ==24061== by 0x4C30FC9: epoll_event_loop_once (tevent_epoll.c:912) ==24061== by 0x4C2F6B6: std_event_loop_once (tevent_standard.c:112) ==24061== by 0x4C2BF2C: _tevent_loop_once (tevent.c:530) ==24061== by 0x4C2C0CA: tevent_common_loop_wait (tevent.c:634) ==24061== by 0x4C2F656: std_event_loop_wait (tevent_standard.c:138) ==24061== by 0x805DEC2: server_loop (server.c:587) ==24061== by 0x10E452: main (data_provider_be.c:2817) ==24061== Address 0x17c5bcb0 is 176 bytes inside a block of size 288 free'd ==24061== at 0x4A083AA: realloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==24061== by 0x4E3F20D: _talloc_realloc (talloc.c:1803) ==24061== by 0x804150E: sysdb_attrs_get_el_ext (sysdb.c:317) ==24061== by 0x131B0AD0: ipa_get_netgroups_process (ipa_netgroups.c:355) ==24061== by 0x145B1162: sdap_get_generic_ext_done (sdap_async.c:1463) ==24061== by 0x145B075F: sdap_process_result (sdap_async.c:356) ==24061== by 0x4C2FFBE: tevent_common_loop_timer_delay (tevent_timed.c:341) ==24061== by 0x4C30FC9: epoll_event_loop_once (tevent_epoll.c:912) ==24061== by 0x4C2F6B6: std_event_loop_once (tevent_standard.c:112) ==24061== by 0x4C2BF2C: _tevent_loop_once (tevent.c:530) ==24061== by 0x4C2C0CA: tevent_common_loop_wait (tevent.c:634) ==24061== by 0x4C2F656: std_event_loop_wait (tevent_standard.c:138)
Fields changed
owner: somebody => mzidek
summary: Valgring: Invalid read of int while processing netgroup => Valgrind: Invalid read of int while processing netgroup
milestone: NEEDS_TRIAGE => SSSD 1.11.5 priority: major => blocker
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1078877
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1078877 1078877]
owner: mzidek => lslebodn patch: 0 => 1
resolution: => fixed status: new => closed
Metadata Update from @lslebodn: - Issue assigned to lslebodn - Issue set to the milestone: SSSD 1.11.5
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3326
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.