10347 – Failure in partition_start_trans results in infinite loops

Bug 10347 - Failure in partition_start_trans results in infinite loops

Summary: Failure in partition_start_trans results in infinite loops

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-12-25 16:35 UTC by herwin
Modified:	2017-06-28 09:56 UTC (History)
CC List:	3 users (show)

See Also:

Flags:	mdw: review+

Attachments
patch (679 bytes, patch) 2013-12-25 16:36 UTC, herwin	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description herwin 2013-12-25 16:35:17 UTC

A short overview of the function:

  unsigned int i;
  ... i gets a value
  ret = ldb_next_start_trans(data->partitions[i]->module);
    if (ret != LDB_SUCCESS) {
      for (i--; i >= 0; i--) {
        .. do something with i
      }
    }

Since i is unsigned, the condition "i >= 0" is always true. The attached patch fixes this bug.

Comment 1 herwin 2013-12-25 16:36:00 UTC

Created attachment 9549 [details]
patch

Comment 2 Matthias Dieter Wallnöfer 2013-12-25 16:47:08 UTC

yes, this seems correct.

Comment 3 Andrew Bartlett 2017-06-28 09:56:58 UTC

Volker also noticed it.

Fixed by 8686da231d434bb35333654277a029271e147257 in master for Samba 4.7.

Thanks for the report!