Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 1092342 - nsslapd-ndn-cache-max-size accepts any invalid value.
nsslapd-ndn-cache-max-size accepts any invalid value.
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: 389-ds-base (Show other bugs)
7.0
x86_64 Linux
low Severity low
: rc
: ---
Assigned To: Noriko Hosoi
Viktor Ashirov
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2014-04-29 02:25 EDT by Amita Sharma
Modified: 2015-03-05 04:34 EST (History)
3 users (show)

See Also:
Fixed In Version: 389-ds-base-1.3.3.1-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-05 04:34:30 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:0416 normal SHIPPED_LIVE Important: 389-ds-base security, bug fix, and enhancement update 2015-03-05 09:26:33 EST

  None (edit)
Description Amita Sharma 2014-04-29 02:25:05 EDT
Description of problem:
nsslapd-ndn-cache-max-size accepts any invalid value.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.1.6-25.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. ldapmodify -h localhost -p 389 -D "cn=directory manager" -w ***** <<EOF
dn: cn=config
changetype: modify
replace: nsslapd-ndn-cache-max-size
nsslapd-ndn-cache-max-size: ~
EOF

2. systemctl restart dirsrv@dhcp201-149


Actual results:
DS does not give any error and operation is successful.


Expected results:
Error is expected.
Comment 2 Noriko Hosoi 2014-04-29 13:04:59 EDT
Upstream ticket:
https://fedorahosted.org/389/ticket/47790
Comment 3 Noriko Hosoi 2014-04-29 13:16:03 EDT
https://fedorahosted.org/389/ticket/47790#comment:1
The input string "value" is converted to long integer by atol, which does not check the error, but returns 0 when the input is invalid. The set function then adjusts the size to the default size, and it returns SUCCESS. I think this is the right behaviour. Probably, we could log it in the error log, but I don't think we need to return an error there.

int
config_set_ndn_cache_max_size(const char *attrname, char *value, char *errorbuf, int apply )
{
    [...]
    size = atol(value);
    if(size < 0){
        size = 0; /* same as -1 */
    }
Comment 4 mreynolds 2014-07-15 15:58:09 EDT
Fixed upstream
Comment 6 Sankar Ramalingam 2015-01-13 13:44:48 EST
Ldapmodify rejects the invalid value. Hence, marking the bug as verified.

[root@mgmt7 export]# ldapmodify -x -p 8739 -D "cn=Directory Manager" -w Secret123 -h localhost << EOF
> dn: cn=config
> changetype: modify
> replace: nsslapd-ndn-cache-max-size
> nsslapd-ndn-cache-max-size: ~
> EOF
modifying entry "cn=config"
ldap_modify: Operations error (1)
	additional info: (nsslapd-ndn-cache-max-size) value (~) is invalid
Comment 8 errata-xmlrpc 2015-03-05 04:34:30 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0416.html

Note You need to log in before you can comment on or make changes to this bug.