#47793 389 Server crashes if uniqueMember is invalid syntax and memberOf plugin is enabled.
Closed: wontfix None Opened 8 years ago by jgordon.

Attempting to add a uniqueMember to a group of type groupOfUniqueNames crashes the server if syntax checking is off.

Steps to recreate:
1. Enable memberofplugin with memberofgroupattr=uniqueMember and memberofattr=memberOf. (Requires server restart)
2. Disable syntax checking: in cn=cn=config, attribute nsslapd-syntaxcheck=off
3. In any groupOfUniqueName group, add an invalid uniqueMember such as cn=test,null,dc=will,dc=crash


Patch attached. This does affect 1.2.11 and up.

{{{
1323 if(to_dn_val == NULL && op_to_sdn){
1330 if(this_dn_val == NULL && op_this_sdn){
}}}
Coverity may ask what if to_dn_val or this_dn_val is NULL and op_to_sdn or op_this_sdn is NULL, respectively, it goes through? ;)

Replying to [comment:3 nhosoi]:

{{{
1323 if(to_dn_val == NULL && op_to_sdn){
1330 if(this_dn_val == NULL && op_this_sdn){
}}}
Coverity may ask what if to_dn_val or this_dn_val is NULL and op_to_sdn or op_this_sdn is NULL, respectively, it goes through? ;)

Thanks, yes it does. New patch attached.

git merge ticket47793
Updating 9929b43..6816e11
Fast-forward
ldap/servers/plugins/memberof/memberof.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)

git push origin master
9929b43..6816e11 master -> master
commit 6816e11

8eeb738..28fb219 389-ds-base-1.3.2 -> 389-ds-base-1.3.2
commit 28fb219

ba53b57..887960d 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
commit 887960db50886495ebb6357f05af18156a0b3a98

b2ee65d..5f14af2 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
commit 5f14af2

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone: 1.2.11.30

5 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/1124

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)

2 years ago

Login to comment on this ticket.

Metadata