Bug 601946
| Summary: | Slapd crashes during GER when ACI is missing a filter | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | Endi Sukma Dewata <edewata> | ||||
| Component: | Security - Access Control (GER) | Assignee: | Rich Megginson <rmeggins> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 1.2.6 | CC: | andrey.ivanov, benl, jgalipea, nhosoi | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | All | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2010-09-14 19:03:13 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 434915, 576869 | ||||||
| Attachments: |
|
||||||
I ran the attached script 5 times, but I could not reproduce the bug. Most likely, the bug was a duplicate of this bug? Bug 603942 - null deref in _ger_parse_control() for subjectdn Closing the bug for now. Please reopen it if it's observed again. *** This bug has been marked as a duplicate of bug 603942 *** |
Created attachment 422371 [details] scripts.tar.gz Slapd crashes during GER invocation when the LDAP URL for the bind rule in the ACI is missing a filter. The following ACI's will crash slapd: aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER"; deny (search) (userdn="ldap:///dc=example,dc=com??sub"); ) aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER"; deny (search) (userdn="ldap:///dc=example,dc=com??sub?"); ) The problem can be reproduced consistently on Solaris and RHEL. To reproduce the problem, unpack the attached script and execute run.sh. It will execute the following operations: 1. Create slapd instance 2. Add entries 3. Configure ACI 4. Test GER 100 times Slapd will crash in the first GER invocation. It will show the following message: ldap_result: Can't contact LDAP server FAIL: Error occured.