Home > mailing lists

Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31] - Mailing list pgsql-hackers

From	Noah Misch
Subject	Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]
Date	June 19, 2014 19:53:03
Msg-id	20140619165253.GA1065108@tornado.leadboat.com Whole thread Raw
In response to	Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31] (Noah Misch <noah@leadboat.com>)
Responses	Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31] (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Thu, Jun 12, 2014 at 05:02:19PM -0400, Noah Misch wrote:
> You can cause the at-exit crash by building PostgreSQL against OpenLDAP
> 2.4.31, connecting with LDAP authentication, and issuing "LOAD 'dblink'".

> 4. Detect older OpenLDAP versions at runtime, just before we would otherwise
> initialize OpenLDAP, and raise an error.  Possibly make the same check at
> compile time, for packager convenience.

Having pondered this some more, I lean toward the following conservative fix.
Add to all supported branches a test case that triggers the crash and a
configure-time warning if the OpenLDAP version falls in the vulnerable range.
So long as those who build from source monitor either "configure" output or
test suite failures, they'll have the opportunity to head off the problem.

-- 
Noah Misch
EnterpriseDB                                 http://www.enterprisedb.com

pgsql-hackers by date:

From: Abhijit Menon-Sen
Date: 19 June 2014, 19:40:22
Subject: Re: idle_in_transaction_timeout

From: Tom Lane
Date: 19 June 2014, 20:01:40
Subject: Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]

Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31] - Mailing list pgsql-hackers

Previous

Next