Skip to content
This repository was archived by the owner on Mar 1, 2026. It is now read-only.

Commit c876fc5

Browse files
author
Tor Didriksen
committed
Bug #31088206 "SEGV ON UNKNOWN ADDRESS" PB2 UBSAN ERRORS WITH AUTHENTICATION_LDAP MTR TESTS
The problem was caused by multiple calls to sasl_client_done(). The last call could cause undefined behaviour in some cases. The server may use SASL both from the auth_ldap_sasl server plugin, and from the authentication_ldap_sasl_client client plugin. Server plugins are unloaded before unloading client plugins during shutdown. The solution is to *not* call sasl_client_done(), from the server plugin, or from the client plugin. Change-Id: Ia7a86834caee65f1ab3e9a85c40db117f4ff0d0e (cherry picked from commit cda229ebafe730e8b3b4e85fae71342777e20bb7)
1 parent 9f562df commit c876fc5

4 files changed

Lines changed: 9 additions & 14 deletions

File tree

‎libmysql/authentication_ldap/auth_ldap_sasl_client.cc‎

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -209,15 +209,6 @@ Sasl_client::~Sasl_client() {
209209
m_sasl_mechanism = nullptr;
210210
}
211211

212-
void Sasl_client::sasl_client_done_wrapper() {
213-
#if (SASL_VERSION_MAJOR >= 2) && (SASL_VERSION_MINOR >= 1) && \
214-
(SASL_VERSION_STEP >= 24) && (!defined __APPLE__) && (!defined __sun)
215-
sasl_client_done();
216-
#else
217-
sasl_done();
218-
#endif
219-
}
220-
221212
int Sasl_client::send_sasl_request_to_server(const unsigned char *request,
222213
int request_len,
223214
unsigned char **response,
@@ -580,8 +571,6 @@ static int initialize_plugin(char *, size_t, int, va_list) {
580571
}
581572

582573
static int deinitialize_plugin() {
583-
Sasl_client::sasl_client_done_wrapper();
584-
585574
delete g_logger_client;
586575
g_logger_client = nullptr;
587576

‎libmysql/authentication_ldap/auth_ldap_sasl_client.h‎

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,6 @@ class Sasl_client {
8989
int send_sasl_request_to_server(const unsigned char *request, int request_len,
9090
unsigned char **reponse, int *response_len);
9191
void set_user_info(std::string name, std::string pwd);
92-
static void sasl_client_done_wrapper();
9392
std::string get_method();
9493
#if defined(KERBEROS_LIB_CONFIGURED)
9594
void read_kerberos_user_name();

‎mysql-test/lsan.supp‎

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,5 @@ leak:ldap_initialize
3535

3636
# sasl_client_init will load all available plugins with _sasl_load_plugins().
3737
# It seems some of the SASL plugin have leaks.
38-
# We *do* call sasl_client_done, which calls _sasl_done_with_plugins
3938
# Both LSAN and Valgrind report leaks.
4039
leak:sasl_client_add_plugin

‎mysql-test/valgrind.supp‎

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -797,7 +797,6 @@
797797

798798
# sasl_client_init will load all available plugins with _sasl_load_plugins().
799799
# It seems some of the SASL plugin have leaks.
800-
# We *do* call sasl_client_done, which calls _sasl_done_with_plugins
801800
# Both LSAN and Valgrind report leaks.
802801
{
803802
Loading SASL plugins 1
@@ -2469,6 +2468,15 @@
24692468
...
24702469
}
24712470

2471+
{
2472+
LDAP_27
2473+
Memcheck:Leak
2474+
match-leak-kinds: reachable
2475+
fun:malloc
2476+
...
2477+
fun:dlopen@@GLIBC_2.2.5
2478+
}
2479+
24722480
# Suppress all issues related to libcrypto library
24732481
{
24742482
Conditional jump or move in BN_bin2bn

0 commit comments

Comments
 (0)