-
Bug
-
Resolution: Duplicate
-
dirsrv-12.3
Description of problem:
RHDS is crashing when using simple text value instead of passing the expected encoded data.
Version-Release number of selected component (if applicable):
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 9.3 (Plow)
$
$ rpm -qa | grep 389-ds
389-ds-base-libs-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
389-ds-base-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
cockpit-389-ds-2.3.6-8.module+el9dsrv+20821+6bc979c1.noarch
389-ds-base-debugsource-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
389-ds-base-debuginfo-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
$
How reproducible:
Always.
Steps to Reproduce:
1. Replace a value using the binary separator (: but use a simple text value ( not base-64 encoded ):
$ ldapmodify -x -D "cn=test,dc=example,dc=com" -W -H ldaps://localhost:636
Enter LDAP Password:
dn: cn=test,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword:: test
modifying entry "cn=test,dc=example,dc=com"
ldap_modify: Server is unwilling to perform (53)
additional info: Unable to store attribute "userPassword" correctly
$
2. Check the RHDS status:
$ dsctl alps2 status
Instance "alps2" is not running
$
3. Check information about the crash:
$ coredumpctl info -1
PID: 140342 (ns-slapd)
UID: 389 (dirsrv)
GID: 389 (dirsrv)
Signal: 11 (SEGV)
Timestamp: Mon 2024-02-26 14:55:32 CET (1min 2s ago)
Command Line: /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-alps2 -i /run/dirsrv/slapd-alps2.pid
Executable: /usr/sbin/ns-slapd
Control Group: /system.slice/system-dirsrv.slice/dirsrv@alps2.service
Unit: dirsrv@alps2.service
Slice: system-dirsrv.slice
...
Message: Process 140342 (ns-slapd) of user 389 dumped core.
$
4. Stacktrace of the core:
$ gdb /usr/sbin/ns-slapd /var/tmp/DS_core_1
...
Core was generated by `/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-alps2 -i /run/dirsrv/slapd-alps2.pid'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 ldap_mods_free (freemods=<optimized out>, mods=<optimized out>) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:89
89 if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
[Current thread is 1 (Thread 0x7f560d3b2640 (LWP 146147))]
(gdb)
(gdb) where
#0 ldap_mods_free (freemods=<optimized out>, mods=<optimized out>) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:89
#1 ldap_mods_free (mods=0x7f55f8003a40, freemods=1) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:81
#2 0x00007f563eca390e in do_modify () at /usr/lib64/dirsrv/libslapd.so.0
#3 0x0000556fef4633e5 in connection_dispatch_operation (pb=0x7f55f8000b60, op=<optimized out>, conn=<optimized out>) at ldap/servers/slapd/connection.c:653
#4 connection_threadmain (arg=<optimized out>) at ldap/servers/slapd/connection.c:1805
#5 0x00007f563e2d5c34 in _pt_root (arg=0x556fef9f9be0) at pthreads/../../../../nspr/pr/src/pthreads/ptthread.c:201
#6 0x00007f563e9de802 in start_thread (arg=<optimized out>) at pthread_create.c:443
#7 0x00007f563e97e450 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
(gdb)
...
$
Actual results:
RHDS is crashing.
Expected results:
No crash.
Additional info:
Using the expected value works fine:
$ echo test | base64
dGVzdAo=
$
$ ldapmodify -x -D "cn=test,dc=example,dc=com" -W -H ldaps://localhost:636
Enter LDAP Password:
dn: cn=test,dc=example,dc=com
changetype: modify
replace: userPassword
userPassword:: dGVzdAo=
modifying entry "cn=test,dc=example,dc=com"
$
$ dsctl alps2 status
Instance "alps2" is running
$