Bug 2256711

Summary: ns-slapd buffer overflow detected
Product: Red Hat Directory Server Reporter: Marc Sauton <msauton>
Component: 389-ds-baseAssignee: thierry bordaz <tbordaz>
Status: CLOSED ERRATA QA Contact: LDAP QA Team <idm-ds-qe-bugs>
Severity: high Docs Contact: Evgenia Martynyuk <emartyny>
Priority: unspecified    
Version: 11.7CC: choule, cilmar, idm-ds-dev-bugs, musoni, progier, tbordaz, tmihinto, vashirov
Target Milestone: DS11.9Keywords: Triaged
Target Release: dirsrv-11.9   
Hardware: x86_64   
OS: Linux   
Whiteboard: sync-to-jira
Fixed In Version: 389-ds-base-1.4.3.39-1.module+el8dsrv+21143+6a9f8bbf Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-05-21 00:09:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marc Sauton 2024-01-04 01:55:32 UTC 
Description of problem:

a crash happened once in a production environment, on 1 consumer, and there is not yet the possibility to collect a core dump and read it.
this is a report about an issue that may possibly related ( this is a really "long shot" at this moment ) to

https://issues.redhat.com/browse/RHEL-16821

note I created IDMDS-3867 , but the current RHDS Salesforce case workflow does not allow to link to a Jira issue, so this bugzilla report will be instead linked to the related salesforce case.

we may consider to have
  https://issues.redhat.com/browse/RHEL-16821
from RHEL-8.8.z
into RHDS-11.7.z


Version-Release number of selected component (if applicable):

RHDS-11.7 on RHEL-8.8
389-ds-base-1.4.3.34-1.module+el8dsrv+18528+22f7779f.x86_64 Sat Dec 16 19:49:51 2023
redhat-release-8.8-0.8.el8.x86_64                           Fri Jun 23 11:05:20 2023

and

RHEL-8.8 ( NO IdM )
389-ds-base-1.4.3.35-2.module+el8.8.0+19693+b24f535c.x86_64       Sat Oct 28 20:20:04 2023


How reproducible:
N/A

Steps to Reproduce:
1. N/A
2.
3.


Actual results:

production outage one night ( one time event so far)

  Nov  1 11:05:33 lvappp03290 ns-slapd[3306985]: [01/Nov/2023:11:05:33.774044654 -0400] - ERR - slapu_search_s - ("CN=edited.edited,OU=edited,OU=edited,O=edited,C=edited", subtree, objectclass=*) err 32
  Nov  1 11:05:35 lvappp03290 ns-slapd[3306985]: *** buffer overflow detected ***: /usr/sbin/ns-slapd terminated
  Nov  1 11:05:35 lvappp03290 systemd[1]: dirsrv: Main process exited, code=killed, status=6/ABRT
  Nov  1 11:05:35 lvappp03290 systemd[1]: dirsrv: Failed with result 'signal'.


Expected results:


Additional info:

du -sh /var/lib/dirsrv/slapd-ldap-edited/
      514M    /var/lib/dirsrv/slapd-ldap-edited/
Comment 27 Viktor Ashirov 2024-04-09 08:39:06 UTC 
============================================================= test session starts =============================================================
platform linux -- Python 3.6.8, pytest-3.4.2, py-1.5.3, pluggy-0.6.0 -- /usr/libexec/platform-python
cachedir: dirsrvtests/.pytest_cache
389-ds-base: 1.4.3.39-2.module+el8dsrv+21624+42c0a71f
nss: 3.90.0-6.el8_9
nspr: 4.35.0-1.el8_8
openldap: 2.4.46-18.el8
cyrus-sasl: 2.1.27-6.el8_5
FIPS: disabled
rootdir: /root/ds/dirsrvtests, inifile: pytest.ini
collected 1 item

dirsrvtests/tests/suites/ds_logs/audit_log_test.py::test_auditlog_bof PASSED                                                            [100%]

========================================================== 1 passed in 23.02 seconds ==========================================================

Marking as VERIFIED.
Comment 30 errata-xmlrpc 2024-05-21 00:09:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (redhat-ds:11 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2024:2934