#47340 Deleting a separator ',' in 7-bit check plugin arguments makes the server fail to start with segfault
Closed: wontfix None Opened 11 years ago by nhosoi.

7-bit check plugin entry with no separator ',':

dn: cn=7-bit check,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: 7-bit check
nsslapd-pluginPath: libattr-unique-plugin
nsslapd-pluginInitfunc: NS7bitAttr_Init
nsslapd-pluginType: preoperation
nsslapd-pluginEnabled: on
nsslapd-pluginarg0: uid
nsslapd-pluginarg1: mail
nsslapd-pluginarg2: userpassword
nsslapd-pluginarg3: dc=example,dc=com
nsslapd-plugin-depends-on-type: database
nsslapd-pluginId: NS7bitAttr

gdb output:

(gdb) l
730        /*
731         * Arguments before "," are the 7-bit attribute names. Arguments after
732         * "," are the subtree DN's.
733         */
734        if (argc < 1) { err = -1; break; }
735        for(;strcmp(*argv, ",") != 0 && argc > 0; argc--, argv++)
736          {};
737        if (argc == 0) { err = -1; break; }
738        argv++; argc--;
739   
(gdb) p argv
$1 = (char **) 0x73dbb0
(gdb) p argv[0]
$2 = 0x0
(gdb) p argc
$5 = 0

(gdb) run -D /etc/dirsrv/slapd-mgmt12 -i /tmp/pid.txt -d 0
Starting program: /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-mgmt12 -i /tmp/pid.txt -d 0
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff56b3c72 in NS7bitAttr_Init (pb=0x7fffffffaeb0) at ldap/servers/plugins/uiduniq/7bit.c:735
735        for(;strcmp(*argv, ",") != 0 && argc > 0; argc--, argv++)
Missing separate debuginfos, use: debuginfo-install cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64 cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64 db4-4.7.25-17.el6.x86_64 glibc-2.12-1.107.el6.x86_64 keyutils-libs-1.4-4.el6.x86_64 krb5-libs-1.10.3-10.el6.x86_64 libcom_err-1.41.12-14.el6.x86_64 libgcc-4.4.7-3.el6.x86_64 libicu-4.2.1-9.1.el6_2.x86_64 libselinux-2.0.94-5.3.el6.x86_64 libstdc++-4.4.7-3.el6.x86_64 nspr-4.9.5-2.el6_4.x86_64 nss-3.14.3-3.el6_4.x86_64 nss-softokn-freebl-3.14.3-1.el6_4.x86_64 nss-util-3.14.3-1.el6_4.x86_64 openldap-2.4.23-31.el6.x86_64 openssl-1.0.0-27.el6.x86_64 pcre-7.8-6.el6.x86_64 svrcore-4.0.4-5.1.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007ffff56b3c72 in NS7bitAttr_Init (pb=0x7fffffffaeb0) at ldap/servers/plugins/uiduniq/7bit.c:735
#1  0x00007ffff7d84e37 in plugin_setup (plugin_entry=0x75cb30, group=<value optimized out>,
    p_initfunc=<value optimized out>, add_entry=1) at ldap/servers/slapd/plugin.c:2308
#2  0x00000000004118ed in load_plugin_entry (pb=<value optimized out>, e=0x75cb30, ignored=<value optimized out>,
    returncode=0x7fffffffd304, returntext=<value optimized out>, arg=<value optimized out>)
    at ldap/servers/slapd/configdse.c:354
#3  0x00007ffff7d45008 in dse_call_callback (pdse=<value optimized out>, pb=0x7fffffffd6d0, operation=256, flags=1,
    entryBefore=0x75cb30, entryAfter=0x0, returncode=0x7fffffffd304, returntext=0x7fffffffd310 "")
    at ldap/servers/slapd/dse.c:2411
#4  0x00007ffff7d4759c in dse_read_one_file (pdse=0x678390, filename=0x727660 "/etc/dirsrv/slapd-mgmt12/dse.ldif",
    pb=0x7fffffffd6d0, primary_file=1) at ldap/servers/slapd/dse.c:798
#5  0x00007ffff7d4784b in dse_read_file (pdse=0x678390, pb=0x7fffffffd6d0) at ldap/servers/slapd/dse.c:869
#6  0x000000000041a65b in init_dse_file (configdir=0x66a190 "/etc/dirsrv/slapd-mgmt12")
    at ldap/servers/slapd/fedse.c:1609
#7  setup_internal_backends (configdir=0x66a190 "/etc/dirsrv/slapd-mgmt12") at ldap/servers/slapd/fedse.c:1777
#8  0x000000000041dd70 in main (argc=7, argv=0x7fffffffe158) at ldap/servers/slapd/main.c:831

Note: 4.1.1. 7-bit Check Plug-in in Configuration, Command, and File Reference Guide has this statement.

Configurable Arguments  List of attributes (uid mail userpassword) followed by "," and then suffixes on which the check is to occur.
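Added example, not code from 7bit.c or from the committed fix: the loop at line 735 calls strcmp(*argv, ",") before it tests argc > 0, so with no "," in the list argv advances to the terminating NULL entry (argv[0] = 0x0, argc = 0 in the gdb session above) and strcmp dereferences it. The hypothetical helper split_7bit_args and its error codes below are assumptions; they show the bounds check placed before the dereference and a distinct error for each malformed case.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical error codes, not taken from the plugin. */
enum { ARGS_OK = 0, ARGS_EMPTY = -1, ARGS_NO_SEPARATOR = -2,
       ARGS_NO_ATTRS = -3, ARGS_NO_SUBTREES = -4 };

/* Split plugin args into attribute names (before ",") and subtree DNs
 * (after ","). Never dereferences argv[i] unless i < argc and non-NULL. */
int split_7bit_args(int argc, char **argv, int *n_attrs,
                    char ***subtrees, int *n_subtrees)
{
    int i;

    if (argv == NULL || argc < 1)
        return ARGS_EMPTY;
    /* Bound test first, NULL test second, string compare last. */
    for (i = 0; i < argc && argv[i] != NULL; i++) {
        if (strcmp(argv[i], ",") == 0)
            break;
    }
    if (i == argc || argv[i] == NULL)
        return ARGS_NO_SEPARATOR;      /* the case reported in this ticket */
    if (i == 0)
        return ARGS_NO_ATTRS;          /* "," is the first argument */
    if (i + 1 >= argc || argv[i + 1] == NULL)
        return ARGS_NO_SUBTREES;       /* nothing after "," */
    *n_attrs = i;
    *subtrees = &argv[i + 1];
    *n_subtrees = argc - i - 1;
    return ARGS_OK;
}

int main(void)
{
    /* Constructed from the nsslapd-pluginarg values in the entry above. */
    char *no_sep[] = { "uid", "mail", "userpassword", "dc=example,dc=com", NULL };
    char *with_sep[] = { "uid", "mail", "userpassword", ",", "dc=example,dc=com", NULL };
    char **subtrees = NULL;
    int n_attrs = 0, n_subtrees = 0;

    printf("no separator   -> %d\n",
           split_7bit_args(4, no_sep, &n_attrs, &subtrees, &n_subtrees));
    printf("with separator -> %d\n",
           split_7bit_args(5, with_sep, &n_attrs, &subtrees, &n_subtrees));
    return 0;
}
```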

The fix looks nice. I like the diagnostic error messages.

Did you have a chance to see "cn=attribute uniqueness,cn=plugins,cn=config" which may have some similar issue? It does not have ',' in it, so it may be bug free (if so, we are good. :)

Replying to [comment:5 nhosoi]:

> The fix looks nice. I like the diagnostic error messages.
>
> Did you have a chance to see "cn=attribute uniqueness,cn=plugins,cn=config" which may have some similar issue? It does not have ',' in it, so it may be bug free (if so, we are good. :)

Yes, and the values, or lack thereof, are properly checked for attribute uniqueness.

git merge ticket47340
Updating 10a6b84..bce5557
Fast-forward
ldap/servers/plugins/uiduniq/7bit.c | 30 ++++++++++++++++++++++--------
1 files changed, 22 insertions(+), 8 deletions(-)

git push origin master
Counting objects: 13, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 1.19 KiB, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
10a6b84..bce5557 master -> master

commit bce5557

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone: 1.3.2 - 05/13 (May)

7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/677

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)

3 years ago
