Created attachment 422371 [details] scripts.tar.gz Slapd crashes during GER invocation when the LDAP URL for the bind rule in the ACI is missing a filter. The following ACI's will crash slapd: aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER"; deny (search) (userdn="ldap:///dc=example,dc=com??sub"); ) aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER"; deny (search) (userdn="ldap:///dc=example,dc=com??sub?"); ) The problem can be reproduced consistently on Solaris and RHEL. To reproduce the problem, unpack the attached script and execute run.sh. It will execute the following operations: 1. Create slapd instance 2. Add entries 3. Configure ACI 4. Test GER 100 times Slapd will crash in the first GER invocation. It will show the following message: ldap_result: Can't contact LDAP server FAIL: Error occured.
I ran the attached script 5 times, but I could not reproduce the bug. Most likely, the bug was a duplicate of this bug? Bug 603942 - null deref in _ger_parse_control() for subjectdn
Closing the bug for now. Please reopen it if it's observed again. *** This bug has been marked as a duplicate of bug 603942 ***