2256711 – ns-slapd buffer overflow detected

Bug 2256711 - ns-slapd buffer overflow detected

Summary: ns-slapd buffer overflow detected

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Directory Server
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	11.7
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	DS11.9
Target Release:	dirsrv-11.9
Assignee:	thierry bordaz
QA Contact:	LDAP QA Team
Docs Contact:	Evgenia Martynyuk
URL:
Whiteboard:	sync-to-jira
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2024-01-04 01:55 UTC by Marc Sauton
Modified:	2024-07-01 14:57 UTC (History)
CC List:	8 users (show)
Fixed In Version:	389-ds-base-1.4.3.39-1.module+el8dsrv+21143+6a9f8bbf
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2024-05-21 00:09:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	389ds 389-ds-base issues 5647	None	closed	covscan: memory leak in audit log when adding entries	2024-01-29 13:18:47 UTC
Red Hat Issue Tracker	DIRSRV-129	None	None	None	2024-07-01 14:57:36 UTC
Red Hat Issue Tracker	IDMDS-3999	None	None	None	2024-07-01 14:56:24 UTC
Red Hat Issue Tracker	IDMDS-4090	None	None	None	2024-01-26 13:26:13 UTC
Red Hat Issue Tracker	IDMDS-4256	None	None	None	2024-03-26 12:33:57 UTC
Red Hat Product Errata	RHEA-2024:2934	None	None	None	2024-05-21 00:09:03 UTC

Description Marc Sauton 2024-01-04 01:55:32 UTC

Description of problem:

a crash happened once in a production environment, on 1 consumer, and there is not yet the possibility to collect a core dump and read it.
this is a report about an issue that may possibly related ( this is a really "long shot" at this moment ) to

https://issues.redhat.com/browse/RHEL-16821

note I created IDMDS-3867 , but the current RHDS Salesforce case workflow does not allow to link to a Jira issue, so this bugzilla report will be instead linked to the related salesforce case.

we may consider to have
  https://issues.redhat.com/browse/RHEL-16821
from RHEL-8.8.z
into RHDS-11.7.z


Version-Release number of selected component (if applicable):

RHDS-11.7 on RHEL-8.8
389-ds-base-1.4.3.34-1.module+el8dsrv+18528+22f7779f.x86_64 Sat Dec 16 19:49:51 2023
redhat-release-8.8-0.8.el8.x86_64                           Fri Jun 23 11:05:20 2023

and

RHEL-8.8 ( NO IdM )
389-ds-base-1.4.3.35-2.module+el8.8.0+19693+b24f535c.x86_64       Sat Oct 28 20:20:04 2023


How reproducible:
N/A

Steps to Reproduce:
1. N/A
2.
3.


Actual results:

production outage one night ( one time event so far)

  Nov  1 11:05:33 lvappp03290 ns-slapd[3306985]: [01/Nov/2023:11:05:33.774044654 -0400] - ERR - slapu_search_s - ("CN=edited.edited,OU=edited,OU=edited,O=edited,C=edited", subtree, objectclass=*) err 32
  Nov  1 11:05:35 lvappp03290 ns-slapd[3306985]: *** buffer overflow detected ***: /usr/sbin/ns-slapd terminated
  Nov  1 11:05:35 lvappp03290 systemd[1]: dirsrv: Main process exited, code=killed, status=6/ABRT
  Nov  1 11:05:35 lvappp03290 systemd[1]: dirsrv: Failed with result 'signal'.


Expected results:


Additional info:

du -sh /var/lib/dirsrv/slapd-ldap-edited/
      514M    /var/lib/dirsrv/slapd-ldap-edited/

Comment 27 Viktor Ashirov 2024-04-09 08:39:06 UTC

============================================================= test session starts =============================================================
platform linux -- Python 3.6.8, pytest-3.4.2, py-1.5.3, pluggy-0.6.0 -- /usr/libexec/platform-python
cachedir: dirsrvtests/.pytest_cache
389-ds-base: 1.4.3.39-2.module+el8dsrv+21624+42c0a71f
nss: 3.90.0-6.el8_9
nspr: 4.35.0-1.el8_8
openldap: 2.4.46-18.el8
cyrus-sasl: 2.1.27-6.el8_5
FIPS: disabled
rootdir: /root/ds/dirsrvtests, inifile: pytest.ini
collected 1 item

dirsrvtests/tests/suites/ds_logs/audit_log_test.py::test_auditlog_bof PASSED                                                            [100%]

========================================================== 1 passed in 23.02 seconds ==========================================================

Marking as VERIFIED.

Comment 30 errata-xmlrpc 2024-05-21 00:09:00 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (redhat-ds:11 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2024:2934

Note You need to log in before you can comment on or make changes to this bug.