Bug 14836 - Python ldb.msg_diff() memory handling failure
Summary: Python ldb.msg_diff() memory handling failure
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Python (show other bugs)
Version: 4.15.0rc7
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on: 14848
Blocks:
  Show dependency treegraph
 
Reported: 2021-09-15 04:13 UTC by Andrew Bartlett
Modified: 2021-10-29 07:25 UTC (History)
2 users (show)

See Also:

Attachments
patch from master backported to 4.15 (only) (5.82 KB, patch)
2021-09-24 02:19 UTC, Andrew Bartlett 		dbagnall: review+
Details
patch from master backported to 4.14 (5.70 KB, patch)
2021-09-24 03:06 UTC, Andrew Bartlett 		dbagnall: review+
abartlet: ci-passed+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2021-09-15 04:13:31 UTC 
Joseph Sutton notes that we need to:

Make a deep copy of the message elements in msg_diff() so that if either
of the input messages are deallocated early, the result does not refer
to non-existing elements.
Comment 1 Samba QA Contact 2021-09-15 08:50:04 UTC 
This bug was referenced in samba master:

a99a76722d6046a5d63032e3d2bb3f791da948a6
c2bbe774ce03661666a1f48922a9ab681ef4f64b
19a2af02f57d99db8ed3c6b028c3abdf4b553700
Comment 2 Douglas Bagnall 2021-09-24 01:29:35 UTC 
are we going to backport?
Comment 3 Andrew Bartlett 2021-09-24 01:35:06 UTC 
I'll backport and upload.  Yes, we will need this to allow backport of other things like bronze-bit tests.
Comment 4 Andrew Bartlett 2021-09-24 02:19:43 UTC 
Created attachment 16813 [details]
patch from master backported to 4.15 (only)

The 4.14 and earlier branches need a backport, not just a cherry-pick, but we should do this much at least.
Comment 5 Andrew Bartlett 2021-09-24 03:06:08 UTC 
Created attachment 16814 [details]
patch from master backported to 4.14

I've run 'make test TESTS=samba.tests.segfault' to confirm the backport
Comment 6 Andrew Bartlett 2021-09-28 21:15:12 UTC 
Assigning to Jule for 4.14 and 4.15
Comment 7 Jule Anger 2021-09-29 06:48:39 UTC 
Pushed to autobuild-v4-{15,14}-test.
Comment 8 Andrew Bartlett 2021-09-29 08:11:50 UTC 
Thanks.  I'll be backporting a patch with a new LDB version number in it shortly, so an external ldb will also include the change.
Comment 9 Samba QA Contact 2021-09-29 11:47:04 UTC 
This bug was referenced in samba v4-15-test:

db294baff360f1c44c05798f6cda4584166adfd7
e52ddfbe5728487cb2c8b8ceeb2f63c5c15a7541
eb28bd54ac5c36a9392ef19c49bf97a18b81974e
Comment 10 Samba QA Contact 2021-09-29 13:15:04 UTC 
This bug was referenced in samba v4-14-test:

9f79d4256f8f24127f06f0bf25092c5ca84a7d59
9d61f2f2f3eb3fd79bb2d78da8d64b0f8b66d3aa
5a90b3e832cda88339c5cebca7043e842b348e47
Comment 11 Jule Anger 2021-10-01 11:01:48 UTC 
(In reply to Andrew Bartlett from comment #8)
If the patch with the new LDB version should also be in the next 4.14 release, then I need the patch until Tuesday.
Comment 12 Samba QA Contact 2021-10-05 13:26:27 UTC 
This bug was referenced in samba v4-14-stable (Release samba-4.14.8):

9f79d4256f8f24127f06f0bf25092c5ca84a7d59
9d61f2f2f3eb3fd79bb2d78da8d64b0f8b66d3aa
5a90b3e832cda88339c5cebca7043e842b348e47
Comment 13 Samba QA Contact 2021-10-05 20:25:19 UTC 
This bug was referenced in samba master:

76899e236149ff3b86cd9032a3c6bdafe3a2f036
Comment 14 Andrew Bartlett 2021-10-06 03:50:52 UTC 
The remaining step is to bump the ldb version number in 4.15, see the patch on bug 14848
Comment 15 Andrew Bartlett 2021-10-12 23:03:29 UTC 
(In reply to Jule Anger from comment #11)
Sorry, the patch to bump the version number on bug 14848 was not approved in time so Samba 4.14.8 shipped with a different internal ldb to the 'system' one we require.

So far the changes only really matter for our tests, but this isn't ideal.  I continue to advocate to remove this ldb release step, but without success so far.
Comment 16 Samba QA Contact 2021-10-26 13:04:22 UTC 
This bug was referenced in samba v4-14-test:

c1d2a0570dfc697bbdda6047f10da4ea9cf261f8
Comment 17 Samba QA Contact 2021-10-26 15:25:20 UTC 
This bug was referenced in samba v4-15-test:

a795e0c84597aa045d011e663dbad3cdabf0f1e6
Comment 18 Samba QA Contact 2021-10-27 13:11:52 UTC 
This bug was referenced in samba v4-15-stable (Release samba-4.15.1):

db294baff360f1c44c05798f6cda4584166adfd7
e52ddfbe5728487cb2c8b8ceeb2f63c5c15a7541
eb28bd54ac5c36a9392ef19c49bf97a18b81974e
a795e0c84597aa045d011e663dbad3cdabf0f1e6
Comment 19 Samba QA Contact 2021-10-27 13:22:25 UTC 
This bug was referenced in samba v4-14-stable (Release samba-4.14.9):

c1d2a0570dfc697bbdda6047f10da4ea9cf261f8
Comment 20 Samba QA Contact 2021-10-28 10:01:44 UTC 
This bug was referenced in samba v4-13-test:

f47f0f9f4595ab9e83479b493a1110e602aee4fc
400d04533ab3525f29721dffa137faf096c274e8
0c36416e319e307022d11a915a4ac508c0ab2eea
74e65d7c06c5eda79105f43d87efcaec09dfbb77
Comment 21 Samba QA Contact 2021-10-29 07:25:24 UTC 
This bug was referenced in samba v4-13-stable (Release samba-4.13.13):

f47f0f9f4595ab9e83479b493a1110e602aee4fc
400d04533ab3525f29721dffa137faf096c274e8
0c36416e319e307022d11a915a4ac508c0ab2eea
74e65d7c06c5eda79105f43d87efcaec09dfbb77