Bug 1092342

Summary: nsslapd-ndn-cache-max-size accepts any invalid value.
Product: Red Hat Enterprise Linux 7 Reporter: Amita Sharma <amsharma>
Component: 389-ds-baseAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Viktor Ashirov <vashirov>
Severity: low Docs Contact:
Priority: low    
Version: 7.0CC: mreynolds, nkinder, rmeggins
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: 389-ds-base-1.3.3.1-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-05 09:34:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Amita Sharma 2014-04-29 06:25:05 UTC 
Description of problem:
nsslapd-ndn-cache-max-size accepts any invalid value.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.1.6-25.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. ldapmodify -h localhost -p 389 -D "cn=directory manager" -w ***** <<EOF
dn: cn=config
changetype: modify
replace: nsslapd-ndn-cache-max-size
nsslapd-ndn-cache-max-size: ~
EOF

2. systemctl restart dirsrv@dhcp201-149


Actual results:
DS does not give any error and operation is successful.


Expected results:
Error is expected.
Comment 2 Noriko Hosoi 2014-04-29 17:04:59 UTC 
Upstream ticket:
https://fedorahosted.org/389/ticket/47790
Comment 3 Noriko Hosoi 2014-04-29 17:16:03 UTC 
https://fedorahosted.org/389/ticket/47790#comment:1
The input string "value" is converted to long integer by atol, which does not check the error, but returns 0 when the input is invalid. The set function then adjusts the size to the default size, and it returns SUCCESS. I think this is the right behaviour. Probably, we could log it in the error log, but I don't think we need to return an error there.

int
config_set_ndn_cache_max_size(const char *attrname, char *value, char *errorbuf, int apply )
{
    [...]
    size = atol(value);
    if(size < 0){
        size = 0; /* same as -1 */
    }
Comment 4 mreynolds 2014-07-15 19:58:09 UTC 
Fixed upstream
Comment 6 Sankar Ramalingam 2015-01-13 18:44:48 UTC 
Ldapmodify rejects the invalid value. Hence, marking the bug as verified.

[root@mgmt7 export]# ldapmodify -x -p 8739 -D "cn=Directory Manager" -w Secret123 -h localhost << EOF
> dn: cn=config
> changetype: modify
> replace: nsslapd-ndn-cache-max-size
> nsslapd-ndn-cache-max-size: ~
> EOF
modifying entry "cn=config"
ldap_modify: Operations error (1)
	additional info: (nsslapd-ndn-cache-max-size) value (~) is invalid
Comment 8 errata-xmlrpc 2015-03-05 09:34:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0416.html