[Pkg-samba-maint] Bug#522907: Bug#522907: winbind: Winbind daily crashes, possible fix to bug #483235

Francis Brosnan Blazquez francis at aspl.es
Mon Apr 20 13:39:50 UTC 2009


Hi Christian,

> > I only have one environment with this configuration and it is in
> > production. 
> > 
> > In any case, the patch I'm proposing won't harm because it is an
> > additional NULL reference check which seems reasonable having
> > ldap_parse_result with so fanatic behavior.
> 
> 
> OK. Then it would be nice to confirm if the patch you propose is
> indeed fixing these crashes. It's unclear to me if it does...

Taking the backtrace and the data I've provided, it's more than clear it
does fix the bug.

Anyway, just to confirm: the bug keeps on breaking winbind instances with
the latest winbind (samba) version: 3.2.5-4lenny2.

Digging more into the problem, it is clear that the winbind/libads check
done at line (samba-3.2.5/source/libads/ldap.c:777) is wrong because
ldap_search_ext_s (the function used by libads's
ldap_search_with_timeout) may return zero in cases where a timeout is
found.

Please check openldap_2.4.11.orig/libraries/libldap/search.c:144 to see
how (openldap) ldap_search_ext_s is implemented.

As a consequence, libads code is not properly checking the result
returned by ldap_search_with_timeout, and it must also check for a NULL
reference as the patch suggests (not only the rc value).

I've checked official source code from samba 3.3.3 and 3.2.11 and the
error is still there. I've placed a bug report at:

https://bugzilla.samba.org/show_bug.cgi?id=6279

Cheers!

> Many thanks in advance.

-- 
Francis Brosnan Blazquez <francis at aspl.es>
ASPL
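
Added example, not part of the original message and not Samba or OpenLDAP code: a self-contained C model of the condition described above, where a search reports rc == 0 yet leaves the result pointer NULL, and of a caller that requires both checks before dereferencing. The names `stub_search`, `search_checked`, `count_entries` and the `RC_*` codes are hypothetical stand-ins.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in result codes; names and values are this example's own. */
enum { RC_OK = 0, RC_SERVER_DOWN = 1, RC_NO_RESULT = 2 };

/* Hypothetical stand-in for an LDAP result message chain. */
struct msg { int entries; };

/* Scenarios the constructed stub search can produce. */
enum scenario { SEARCH_FOUND, SEARCH_FAILED, SEARCH_TIMEOUT_RC_ZERO };

/* Stub modelled on the behaviour described in the message: on a timeout
 * it reports rc == 0 but leaves *res NULL. Not libldap code. */
static int stub_search(enum scenario s, struct msg **res)
{
    static struct msg found = { 3 };
    *res = NULL;
    switch (s) {
    case SEARCH_FOUND:  *res = &found; return RC_OK;
    case SEARCH_FAILED: return RC_SERVER_DOWN;
    default:            return RC_OK;   /* rc says success, no result */
    }
}

/* Caller-side check: success requires rc == 0 AND a non-NULL result. */
static int search_checked(enum scenario s, struct msg **res)
{
    int rc = stub_search(s, res);
    if (rc != RC_OK) {
        *res = NULL;
        return rc;
    }
    if (*res == NULL)
        return RC_NO_RESULT;    /* never hand a NULL chain to a parser */
    return RC_OK;
}

/* Consumer that dereferences the result only after the combined check. */
static int count_entries(enum scenario s)
{
    struct msg *res = NULL;
    int rc = search_checked(s, &res);
    return rc == RC_OK ? res->entries : -rc;
}

int main(void)
{
    printf("%d %d %d\n", count_entries(SEARCH_FOUND),
           count_entries(SEARCH_FAILED), count_entries(SEARCH_TIMEOUT_RC_ZERO));
    return 0;
}
```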