1429498 – A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will result in a segfault.

Bug 1429498 - A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will result in a segfault.

Summary: A filtered nsrole that specifies an empty nsrole in its nsRoleFilter will res...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	7.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Noriko Hosoi
QA Contact:	Viktor Ashirov
Docs Contact:	Marc Muehlfeld
URL:
Whiteboard:
Depends On:	1419162
Blocks:
TreeView+	depends on / blocked

Reported:	2017-03-06 13:45 UTC by Jaroslav Reznik
Modified:	2017-04-12 12:36 UTC (History)
CC List:	7 users (show)
Fixed In Version:	389-ds-base-1.3.5.10-19.el7_3
Doc Type:	Bug Fix
Doc Text:	Previously, when adding a filtered role definition that uses the "nsrole" virtual attribute in the filter, Directory Server terminated unexpectedly. A patch has been applied, and now the roles plug-in ignores all virtual attributes. As a result, an error message is logged when an invalid filter is used. Additionally, the role is deactivated and Directory Server no longer fails.
Clone Of:	1419162
Environment:
Last Closed:	2017-04-12 12:36:50 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2017:0920	normal	SHIPPED_LIVE	Important: 389-ds-base security and bug fix update	2017-04-12 16:27:01 UTC

Description Jaroslav Reznik 2017-03-06 13:45:07 UTC

This bug has been copied from bug #1419162 and has been proposed
to be backported to 7.3 z-stream (EUS).

Comment 4 Sankar Ramalingam 2017-03-09 12:25:09 UTC

Executed upstream test ticket49122_test.py on the latest 389-ds-base-1.3.5.10-19 build and it PASSED. Hence, marking the bug as Verified.


[0 root@qeos-105 tickets]# py.test  -v ticket49122_test.py 

DS build: 1.3.5.10
389-ds-base: 1.3.5.10-19.el7_3
nss: 3.28.3-2.el7
nspr: 4.13.1-1.0.el7_3
openldap: 2.4.44-1.el7
svrcore: 4.1.2-1.el7

rootdir: /mnt/tests/rhds/tests/upstream/ds/dirsrvtests/tests/tickets, inifile: 
plugins: metadata-1.3.0, html-1.14.1, cov-2.4.0, beakerlib-0.7
collected 1 items 

ticket49122_test.py::test_ticket49122 PASSED

=========== 1 passed in 31.41 seconds =============

Comment 6 errata-xmlrpc 2017-04-12 12:36:50 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:0920

Note You need to log in before you can comment on or make changes to this bug.