Bug 1896850

Summary: NULL dereference in revert_cache()
Product: Red Hat Enterprise Linux 8 Reporter: mreynolds
Component: 389-ds-baseAssignee: mreynolds
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: high Docs Contact:
Priority: high    
Version: 8.4CC: jachapma, msauton, sgouvern, spichugi, tbordaz, tmihinto, vashirov
Target Milestone: rcKeywords: TestCaseProvided, ZStream
Target Release: 8.0Flags: pm-rhel: mirror+
Hardware: All   
OS: Linux   
Whiteboard: sync-to-jira
Fixed In Version: 389-ds-1.4-8040020201112160023.866effaa Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1904352 (view as bug list) Environment:
Last Closed: 2021-05-18 15:45:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1904352    

Description mreynolds 2020-11-11 16:54:34 UTC 
Description of problem:

It's possible if a DN has escaped spaces in the RDN that trying to delete the entry can dereference a NULL pointer and crash the server.  This is only caused when the DN fails to be parsed when trying to find the entry before doing the actual delete.  This parsing failure is being fixed in a different bug (BZ#1888863), but this NULL pointer dereference should still be fixed.


Upstream ticket:

https://github.com/389ds/389-ds-base/issues/4429
Comment 1 sgouvern 2020-11-20 10:46:28 UTC 
With build 389-ds-base-1.4.3.16-1.module+el8.4.0+8740+d5ec8778.x86_64

# PYTHONPATH=src/lib389/ py.test -s -v dirsrvtests/tests/suites/syntax/acceptance_test.py::test_invalid_dn_syntax_crash
re-exec with libfaketime dependencies
================================================================= test session starts =================================================================
platform linux -- Python 3.6.8, pytest-6.1.2, py-1.9.0, pluggy-0.13.1 -- /usr/bin/python3.6
cachedir: .pytest_cache
metadata: {'Python': '3.6.8', 'Platform': 'Linux-4.18.0-247.el8.x86_64-x86_64-with-redhat-8.4-Ootpa', 'Packages': {'pytest': '6.1.2', 'py': '1.9.0', 'pluggy': '0.13.1'}, 'Plugins': {'metadata': '1.10.0', 'html': '3.0.0', 'libfaketime': '0.1.2'}}
389-ds-base: 1.4.3.16-1.module+el8.4.0+8740+d5ec8778
nss: 3.53.1-11.el8_2
nspr: 4.25.0-2.el8_2
openldap: 2.4.46-16.el8
cyrus-sasl: 2.1.27-5.el8
FIPS: disabled
rootdir: /mnt/tests/rhds/tests/upstream/ds/dirsrvtests, configfile: pytest.ini
plugins: metadata-1.10.0, html-3.0.0, libfaketime-0.1.2
collected 1 item                                                                                                                                      

dirsrvtests/tests/suites/syntax/acceptance_test.py::test_invalid_dn_syntax_crash INFO:lib389.topologies:Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
PASSEDInstance slapd-standalone1 removed.


================================================================= 1 passed in 13.22s ==================================================================


setting Verified:tested
Comment 4 sgouvern 2020-11-30 16:50:37 UTC 
verified:tested (see comment 1) with 389-ds-base-1.4.3.16-1.module+el8.4.0+8740+d5ec8778.x86_64
-> marking as VERIFIED
Comment 8 errata-xmlrpc 2021-05-18 15:45:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (389-ds:1.4 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:1835