Attempting to add a uniqueMember to a group of type groupOfUniqueNames crashes the server if syntax checking is off.
Steps to recreate: 1. Enable memberofplugin with memberofgroupattr=uniqueMember and memberofattr=memberOf. (Requires server restart) 2. Disable syntax checking: in cn=cn=config, attribute nsslapd-syntaxcheck=off 3. In any groupOfUniqueName group, add an invalid uniqueMember such as cn=test,null,dc=will,dc=crash
Patch attached. This does affect 1.2.11 and up.
{{{ 1323 if(to_dn_val == NULL && op_to_sdn){ 1330 if(this_dn_val == NULL && op_this_sdn){ }}} Coverity may ask what if to_dn_val or this_dn_val is NULL and op_to_sdn or op_this_sdn is NULL, respectively, it goes through? ;)
revision 0001-Ticket-47793-Server-crashes-if-uniqueMember-is-inval.patch
Replying to [comment:3 nhosoi]:
Thanks, yes it does. New patch attached.
git merge ticket47793 Updating 9929b43..6816e11 Fast-forward ldap/servers/plugins/memberof/memberof.c | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-)
git push origin master 9929b43..6816e11 master -> master commit 6816e11
8eeb738..28fb219 389-ds-base-1.3.2 -> 389-ds-base-1.3.2 commit 28fb219
ba53b57..887960d 389-ds-base-1.3.1 -> 389-ds-base-1.3.1 commit 887960db50886495ebb6357f05af18156a0b3a98
b2ee65d..5f14af2 389-ds-base-1.2.11 -> 389-ds-base-1.2.11 commit 5f14af2
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1109333
Metadata Update from @mreynolds: - Issue assigned to mreynolds - Issue set to the milestone: 1.2.11.30
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1124
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.