RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Created attachment 516308 [details]
The patch that fixes this issue.

Description of problem:
The bug makes openldap with back-sql unusable at least since version 2.4.22. 
Whenever a user tries to authenticate the server segfaults. The issue is described here:
http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6657;selectid=6657

and a fix has been provided in OpenLDAP 2.4.26. Please either release 2.4.26 in the yum repositories OR include the attached patch which fixes this issue.

Version-Release number of selected component (if applicable): 2.4.23-15


How reproducible:
Set up OpenLDAP 2.4.23 with back-sql and then run ldapwhoami with one of the users from the database (not the Manager user from the slapd.conf).

Actual results:
The slapd daemon segfaults.

Expected results:
The DN of the authenticated user, and (of course) slapd not segfaulting.

Additional info:
I provided a patch in the attachment which works if applied to 2.4.23 (the current version in the repository). The patch is an adapted version of Howard Chu's commit in the OpenLDAP GIT repository:
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=0a9f51f58d1e20f92ad2f6a21c70ca04304a7f93

It was meant to be applied on 2.4.25. I adapted it to work with 2.4.23.

An update to 2.4.26 would of course also be a solution.

It can be reproduced, the fix works and is included upstream. Thank you for your report.

Resolved in openldap-2.4.23-17.el6

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
- OpenLDAP with SQL backend installed.
- The server crashes with segmentation fault after a few operations.
- Upstream patch was applied which updates data types used for storing the length of the values by ODBC.
- The server no longer crashes with segmentation fault when SQL backend is used.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1514.html