Bug 876694 - RedHat Directory Server crashes (segfaults) when moving ldap entry
Summary: RedHat Directory Server crashes (segfaults) when moving ldap entry
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.3
Hardware: Unspecified
OS: Unspecified
Priority: urgent
Severity: urgent
Target Milestone: rc
Target Release: ---
Assignee: Rich Megginson
QA Contact: Sankar Ramalingam
URL:
Whiteboard:
Depends On:
Blocks: 881827 901534
Reported: 2012-11-14 18:04 UTC by Rich Megginson
Modified: 2018-11-30 20:48 UTC (History)

Fixed In Version: 389-ds-base-1.2.11.15-4.el6
Doc Type: Bug Fix
Doc Text:
Cause: The code that checks whether the new superior entry exists returned the "No such object" error only when the operation was requested by the directory manager.
Consequence: If an ordinary (non-root) user used the modrdn operation to move an entry to a non-existing parent, the server crashed.
Fix: The patch removes the condition on the requester, so the "No such object" error is returned whoever the requester is.
Result: Modrdn to a non-existing parent successfully fails for any user.
Clone Of:
Environment:
Last Closed: 2013-02-21 08:21:33 UTC
Target Upstream Version:




Links
System ID | Priority | Status | Summary | Last Updated
Red Hat Product Errata RHSA-2013:0503 | normal | SHIPPED_LIVE | Moderate: 389-ds-base security, bug fix, and enhancement update | 2013-02-21 08:18:44 UTC

Description Rich Megginson 2012-11-14 18:04:09 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Rich Megginson 2012-11-14 18:05:40 UTC
Upstream ticket:
https://fedorahosted.org/389/ticket/520

Comment 4 Noriko Hosoi 2012-11-17 00:48:58 UTC
Steps to verify:
1. create a user: e.g., uid=tuser0,dc=example,dc=com with a userpassword: tuser0
2. give all permissions to the user.
3. ldapmodify ... -D 'uid=tuser0,dc=example,dc=com' -w tuser0 << EOF
   dn: uid=tuser0,dc=example,dc=com
   changetype: modrdn
   newrdn: uid=tuser0
   deleteoldrdn: 1
   newsuperior: ou=bogus,dc=example,dc=com
   EOF
   where ou=bogus,dc=example,dc=com does not exist.
   If the operation successfully fails with "No such object" error, the bug is verified.

Comment 5 Milan Kubík 2012-11-26 15:53:27 UTC
1. add user

$ /usr/lib64/mozldap/ldapsearch -b "ou=people,dc=brq,dc=redhat,dc=com" uid=tuser02 dn 
version: 1
dn: uid=tuser02,ou=People,dc=brq,dc=redhat,dc=com

2. grant user administrator permissions

$ /usr/lib64/mozldap/ldapsearch -D "cn=directory manager" -w Secret123 -b "dc=brq,dc=redhat,dc=com" cn="directory administrators" uniqueMember
version: 1
dn: cn=Directory Administrators,dc=brq,dc=redhat,dc=com
uniqueMember: cn=Directory Manager
uniqueMember: uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com

3. Attempt to modify entry

$ /usr/lib64/mozldap/ldapmodify -D "uid=tuser02,ou=people,dc=bre,dc=redhat,dc=com" -w Secret123 -a -f modentry.ldif 
ldap_simple_bind: No such object

$ echo $?
32

$ cat modentry.ldif
dn: uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com
changetype: modrdn
newrdn: uid=tuser0
deleteoldrdn: 1
newsuperior: ou=bogus,dc=brq,dc=redhat,dc=com

$ rpm -qa | grep 389
389-ds-base-1.2.11.15-4.el6.x86_64

Comment 6 Milan Kubík 2012-11-27 11:28:49 UTC
typo in step 3.

$ /usr/lib64/mozldap/ldapmodify -D "uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com" -w Secret123 -a -f modentry.ldif 
modifying RDN of entry uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com and/or moving it beneath a new parent

ldap_rename: No such object
ldap_rename: matched: dc=brq,dc=redhat,dc=com

Result remaining: VERIFIED
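
An added example, not code from 389-ds-base or from this bug: a simplified C model of the new-superior check described in the Doc Text, before and after the fix, including the "matched" DN seen in the verified output. The function names, the in-memory entry list, the plain strcmp DN comparison and the unfixed caller carrying on without a parent entry are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LDAP_SUCCESS        0
#define LDAP_NO_SUCH_OBJECT 32  /* LDAP result code for "No such object" */

/* Constructed sample directory: the only entries that exist. */
static const char *const entries[] = {
    "dc=brq,dc=redhat,dc=com",
    "ou=people,dc=brq,dc=redhat,dc=com",
    "uid=tuser02,ou=people,dc=brq,dc=redhat,dc=com",
};

/* Return the stored DN, or NULL when no such entry exists. */
static const char *find_entry(const char *dn) {
    for (size_t i = 0; i < sizeof entries / sizeof entries[0]; i++)
        if (strcmp(entries[i], dn) == 0)
            return entries[i];
    return NULL;
}

/* Nearest existing ancestor: drop leftmost RDNs until an entry is found. */
static const char *matched_dn(const char *dn) {
    while ((dn = strchr(dn, ',')) != NULL)
        if (find_entry(++dn))
            return find_entry(dn);
    return NULL;
}

/* Before the fix: a missing new superior is rejected only for the root DN.
 * Any other requester gets LDAP_SUCCESS, so the (hypothetical) caller
 * continues the move without a parent entry. */
int check_newsuperior_before(const char *newsuperior, int is_root) {
    if (find_entry(newsuperior) == NULL && is_root)
        return LDAP_NO_SUCH_OBJECT;
    return LDAP_SUCCESS;
}

/* After the fix: the requester is not consulted at all. */
int check_newsuperior_after(const char *newsuperior, const char **matched) {
    *matched = NULL;
    if (find_entry(newsuperior))
        return LDAP_SUCCESS;
    *matched = matched_dn(newsuperior);
    return LDAP_NO_SUCH_OBJECT;
}

int main(void) {
    const char *m, *bogus = "ou=bogus,dc=brq,dc=redhat,dc=com";
    int rc = check_newsuperior_after(bogus, &m);
    printf("before, non-root: %d\n", check_newsuperior_before(bogus, 0));
    printf("after: %d, matched: %s\n", rc, m ? m : "(none)");
    return 0;
}
```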

Comment 9 errata-xmlrpc 2013-02-21 08:21:33 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0503.html

Comment 10 Milan Kubík 2013-06-24 10:51:36 UTC
Covered in subtreeRenames suite

