Bug 601946 - Slapd crashes during GER when ACI is missing a filter
Summary: Slapd crashes during GER when ACI is missing a filter
Status: CLOSED DUPLICATE of bug 603942
Alias: None
Product: 389
Classification: Retired
Component: Security - Access Control (GER)
Version: 1.2.6
Hardware: All
OS: All
Target Milestone: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
Depends On:
Blocks: 434915 389_1.2.7
TreeView+ depends on / blocked
Reported: 2010-06-08 22:03 UTC by Endi Sukma Dewata
Modified: 2015-01-04 23:42 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-09-14 19:03:13 UTC

Attachments (Terms of Use)
scripts.tar.gz (1.64 KB, application/x-gzip)
2010-06-08 22:03 UTC, Endi Sukma Dewata
no flags Details

Description Endi Sukma Dewata 2010-06-08 22:03:26 UTC
Created attachment 422371 [details]

Slapd crashes during GER invocation when the LDAP URL for the bind rule in the ACI is missing a filter.

The following ACI's will crash slapd:

aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER";
  deny (search) (userdn="ldap:///dc=example,dc=com??sub"); )

aci: (target=ldap:///dc=example,dc=com)(targetattr=*)(version 3.0; acl "GER";
  deny (search) (userdn="ldap:///dc=example,dc=com??sub?"); )

The problem can be reproduced consistently on Solaris and RHEL.

To reproduce the problem, unpack the attached script and execute run.sh. It will execute the following operations:

1. Create slapd instance
2. Add entries
3. Configure ACI
4. Test GER 100 times

Slapd will crash in the first GER invocation. It will show the following message:

ldap_result: Can't contact LDAP server
FAIL: Error occured.

Comment 2 Noriko Hosoi 2010-09-14 18:43:51 UTC
I ran the attached script 5 times, but I could not reproduce the bug.  Most likely, the bug was a duplicate of this bug?

Bug 603942 - null deref in _ger_parse_control() for subjectdn

Comment 3 Noriko Hosoi 2010-09-14 19:03:13 UTC
Closing the bug for now.  Please reopen it if it's observed again.

*** This bug has been marked as a duplicate of bug 603942 ***

Note You need to log in before you can comment on or make changes to this bug.