Bug 679542 - empty modify operation with repl on or lastmod off will crash server
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
6.1
Unspecified Unspecified
high Severity high
: rc
: ---
Assigned To: Rich Megginson
Chandrasekar Kannan
: screened
Depends On: 675320
Blocks: 639035 389_1.2.8 CVE-2011-0704
Reported: 2011-02-22 14:50 EST by Rich Megginson
Modified: 2015-01-04 18:46 EST

See Also:
Fixed In Version: 389-ds-base-1.2.8-0.3.a3.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 675320
Environment:
Last Closed: 2011-05-19 08:42:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Comment 1 Rich Megginson 2011-02-23 21:35:40 EST
Vincent, can you remove the Security Sensitive Bug check?  It is preventing me from checking into CVS.
Comment 2 Vincent Danen 2011-02-24 11:11:00 EST
Seems that Huzaifa already did that, so you should be ok now.
Comment 5 Amita Sharma 2011-03-31 06:42:46 EDT
Hi, 

I am testing this bug to verify the fix.
I have 389 1.2.8 and executed the steps below:


1) You have to have a client capable of sending an empty modify request -
mozldap ldapmodify will not let you do this, but openldap ldapmodify will:

# /usr/bin/ldapmodify -x <<EOF
dn:

EOF

It will warn, but allow the modify through.

<Amita>
[root@amsharma reslimit]# ldapmodify -x -h localhost -p 1389 -D "cn=Directory Manager" -w pwd << EOF
dn:

EOF
modifying entry ""
</Amita>

2) You have to be using a server built with mozldap - servers built with
openldap will return an LDAP error when receiving an empty modify request

<Amita>
Sorry, I could not do this as mozldap is deprecated. 
</Amita>

3) Either the modify operation is replicated, or the server has set cn=config
nsslapd-lastmod: off

<Amita>
[root@amsharma reslimit]# ldapsearch -x -h localhost -p 1389 -D "cn=Directory Manager" -w pwd -b "cn=config" | grep nsslapd-lastmod
nsslapd-lastmod: on
[root@amsharma reslimit]# ldapmodify -x -h localhost -p 1389 -D "cn=Directory Manager" -w pwd << EOF
> dn: cn=config
> changetype: modify
> replace: nsslapd-lastmod
> nsslapd-lastmod: off
> EOF
modifying entry "cn=config"

[root@amsharma reslimit]# ldapsearch -x -h localhost -p 1389 -D "cn=Directory Manager" -w pwd -b "cn=config" | grep nsslapd-lastmod
nsslapd-lastmod: off
[root@amsharma reslimit]#
</Amita>

If these conditions are met, the empty modify operation will crash the server.

<Amita>
Server was up and running, no crash found.
I am putting this bug as VERIFIED, please revert in case of any more actions required.
</Amita>
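
Added example, not part of the original bug report and not 389-ds-base code: a small LDIF pre-check that flags change records carrying no modifications, the request shape used in step 1 above, so such input can be caught in change files before it reaches a server that has not yet been updated. The sample LDIF and the function names are constructed for illustration; treating a record with "changetype: modify" and no modification lines the same as a bare "dn:" record is an assumption of this example.

```python
# Constructed sample input: two empty modify records, one real modify, one add.
SAMPLE_LDIF = """\
# constructed sample input
dn:

dn: cn=config
changetype: modify
replace: nsslapd-lastmod
nsslapd-lastmod: off
-

dn: uid=test,dc=example,dc=com
changetype: modify

dn: uid=new,dc=example,dc=com
changetype: add
objectClass: person
cn: new
sn: new
"""

def parse_records(text):
    """Split LDIF into records of (attr, value) pairs, unfolding continuations."""
    records, current = [], []
    for raw in text.splitlines() + [""]:
        if raw.startswith(" ") and current:
            current[-1] += raw[1:]            # folded line: append to previous
        elif raw == "":
            if current:
                records.append(current)       # blank line ends a record
            current = []
        else:
            current.append(raw)
    parsed = []
    for rec in records:
        lines = [l for l in rec if not l.startswith("#")]   # drop comments
        # Encoded values (attr:: base64) are kept as written, not decoded.
        parsed.append([(a.strip().lower(), v.strip())
                       for a, _, v in (l.partition(":") for l in lines)])
    return parsed

def empty_modifies(text):
    """Return the DNs of records that would be sent as a modify with no changes."""
    flagged = []
    for pairs in parse_records(text):
        pairs = [p for p in pairs if p[0] != "version"]
        if not pairs or pairs[0][0] != "dn":
            continue
        rest = pairs[1:]
        if rest and rest[0][0] == "changetype":
            if rest[0][1].lower() != "modify":
                continue                      # add/delete/modrdn: not a modify
            rest = rest[1:]
        if not rest:                          # nothing after dn / changetype
            flagged.append(pairs[0][1])
    return flagged
```
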
Comment 6 errata-xmlrpc 2011-05-19 08:42:00 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html
