Uploaded image for project: 'Red Hat Directory Server'
  1. Red Hat Directory Server
  2. DIRSRV-59

ns-slapd crashing in ldap_mods_free()

XMLWordPrintable

    • None
    • sst_idm_ds
    • 0
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None

      Description of problem:
      RHDS is crashing when using simple text value instead of passing the expected encoded data.

      Version-Release number of selected component (if applicable):
      $ cat /etc/redhat-release
      Red Hat Enterprise Linux release 9.3 (Plow)
      $
      $ rpm -qa | grep 389-ds
      389-ds-base-libs-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
      389-ds-base-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
      cockpit-389-ds-2.3.6-8.module+el9dsrv+20821+6bc979c1.noarch
      389-ds-base-debugsource-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
      389-ds-base-debuginfo-2.3.6-8.module+el9dsrv+20821+6bc979c1.x86_64
      $

      How reproducible:
      Always.

      Steps to Reproduce:
      1. Replace a value using the binary separator (: but use a simple text value ( not base-64 encoded ):

      $ ldapmodify -x -D "cn=test,dc=example,dc=com" -W -H ldaps://localhost:636
      Enter LDAP Password:
      dn: cn=test,dc=example,dc=com
      changetype: modify
      replace: userPassword
      userPassword:: test

      modifying entry "cn=test,dc=example,dc=com"
      ldap_modify: Server is unwilling to perform (53)
      additional info: Unable to store attribute "userPassword" correctly

      $

      2. Check the RHDS status:

      $ dsctl alps2 status
      Instance "alps2" is not running
      $

      3. Check information about the crash:

      $ coredumpctl info -1
      PID: 140342 (ns-slapd)
      UID: 389 (dirsrv)
      GID: 389 (dirsrv)
      Signal: 11 (SEGV)
      Timestamp: Mon 2024-02-26 14:55:32 CET (1min 2s ago)
      Command Line: /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-alps2 -i /run/dirsrv/slapd-alps2.pid
      Executable: /usr/sbin/ns-slapd
      Control Group: /system.slice/system-dirsrv.slice/dirsrv@alps2.service
      Unit: dirsrv@alps2.service
      Slice: system-dirsrv.slice
      ...
      Message: Process 140342 (ns-slapd) of user 389 dumped core.
      $

      4. Stacktrace of the core:

      $ gdb /usr/sbin/ns-slapd /var/tmp/DS_core_1
      ...
      Core was generated by `/usr/sbin/ns-slapd -D /etc/dirsrv/slapd-alps2 -i /run/dirsrv/slapd-alps2.pid'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0 ldap_mods_free (freemods=<optimized out>, mods=<optimized out>) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:89
      89 if ( mods[i]->mod_op & LDAP_MOD_BVALUES ) {
      [Current thread is 1 (Thread 0x7f560d3b2640 (LWP 146147))]
      (gdb)
      (gdb) where
      #0 ldap_mods_free (freemods=<optimized out>, mods=<optimized out>) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:89
      #1 ldap_mods_free (mods=0x7f55f8003a40, freemods=1) at /usr/src/debug/openldap-2.6.3-1.el9.x86_64/openldap-2.6.3/libraries/libldap/free.c:81
      #2 0x00007f563eca390e in do_modify () at /usr/lib64/dirsrv/libslapd.so.0
      #3 0x0000556fef4633e5 in connection_dispatch_operation (pb=0x7f55f8000b60, op=<optimized out>, conn=<optimized out>) at ldap/servers/slapd/connection.c:653
      #4 connection_threadmain (arg=<optimized out>) at ldap/servers/slapd/connection.c:1805
      #5 0x00007f563e2d5c34 in _pt_root (arg=0x556fef9f9be0) at pthreads/../../../../nspr/pr/src/pthreads/ptthread.c:201
      #6 0x00007f563e9de802 in start_thread (arg=<optimized out>) at pthread_create.c:443
      #7 0x00007f563e97e450 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
      (gdb)
      ...
      $

      Actual results:
      RHDS is crashing.

      Expected results:
      No crash.

      Additional info:

      Using the expected value works fine:

      $ echo test | base64
      dGVzdAo=
      $

      $ ldapmodify -x -D "cn=test,dc=example,dc=com" -W -H ldaps://localhost:636
      Enter LDAP Password:
      dn: cn=test,dc=example,dc=com
      changetype: modify
      replace: userPassword
      userPassword:: dGVzdAo=

      modifying entry "cn=test,dc=example,dc=com"

      $
      $ dsctl alps2 status
      Instance "alps2" is running
      $

              idm-ds-dev-bugs IdM DS Dev
              rhn-support-tmihinto Têko Mihinto
              IdM DS QE IdM DS QE
              Evgenia Martyniuk Evgenia Martyniuk
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: