-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-9.2.0
-
None
-
389-ds-base-3.0.6-1.el10
-
No
-
Low
-
ZStream
-
rhel-idm-ds
-
ssg_idm
-
24
-
0
-
False
-
False
-
-
No
-
None
-
Approved Blocker
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
None
This is a clone from https://github.com/389ds/389-ds-base/issues/6432
—
Issue Description
A crash occurs when account policy is configured, but "alwaysrecordlogin" is not set. This leads to a NULL dereference:
#0 strcmpi_fast (dst=0x7fabb3c1e0e1 "bjectClass", src=0x1 <error: Cannot access memory at address 0x1>) at ../389-ds-base/ldap/servers/slapd/intrinsics.h:32 #1 0x00007fac57210fb5 in attrlist_find (a=0x7fabb3c24000, type=0x0) at ../389-ds-base/ldap/servers/slapd/attrlist.c:112 #2 0x00007fac57233fe0 in slapi_entry_attr_find (e=0x7fabb3c12000, type=0x0, a=0x7fabb53fc580) at ../389-ds-base/ldap/servers/slapd/entry.c:2237 #3 0x00007fac57235685 in slapi_entry_attr_has_syntax_value (e=0x7fabb3c12000, type=0x0, value=0x7fac55992640) at ../389-ds-base/ldap/servers/slapd/entry.c:3061 #4 0x00007fac55566a2b in acct_update_login_history (dn=0x7fabb3c62a80 "cn=mark,dc=example,dc=com", timestr=0x7fabb3c62ac0 "20241204152117Z") at ../389-ds-base/ldap/servers/plugins/acctpolicy/acct_plugin.c:233 #5 0x00007fac55567029 in acct_record_login (dn=0x7fabb3c62a80 "cn=mark,dc=example,dc=com") at ../389-ds-base/ldap/servers/plugins/acctpolicy/acct_plugin.c:375 #6 0x00007fac55567444 in acct_bind_postop (pb=0x7fabb3c00000) at ../389-ds-base/ldap/servers/plugins/acctpolicy/acct_plugin.c:527 #7 0x00007fac5729084b in plugin_call_func (list=0x7fac5599c900, operation=501, pb=0x7fabb3c00000, call_one=0) at ../389-ds-base/ldap/servers/slapd/plugin.c:2001 #8 0x00007fac572906ae in plugin_call_list (list=0x7fac5599c900, operation=501, pb=0x7fabb3c00000) at ../389-ds-base/ldap/servers/slapd/plugin.c:1944 #9 0x00007fac5728d3f4 in plugin_call_plugins (pb=0x7fabb3c00000, whichfunction=501) at ../389-ds-base/ldap/servers/slapd/plugin.c:414 #10 0x0000000000407a03 in do_bind (pb=0x7fabb3c00000) at ../389-ds-base/ldap/servers/slapd/bind.c:894
To reproduce just follow the RHDS 11 docs, but do not set "alwaysrecordlogin":
- links to
-
RHBA-2024:142375
389-ds-base bug fix and enhancement update