#48975 Disabling CLEAR password storage scheme will crash server when setting a password
Closed: wontfix None Opened 4 years ago by mreynolds.

The server always expects the the CLEAR password storage scheme to always be enabled. If it is disabled then a NULL pointer gets dereferenced and the server crashes:

Program terminated with signal 11, Segmentation fault.
#0  valuearray_init_bervalarray_unhashed_only (pb=0x13ea250, pw_change=1, old_pw=0x0) at ldap/servers/slapd/modify.c:1460
1460                            if(strcmp(pwsp->pws_name, "CLEAR") == 0){

#0  valuearray_init_bervalarray_unhashed_only (pb=0x13ea250, pw_change=1, old_pw=0x0) at ldap/servers/slapd/modify.c:1460
#1  op_shared_modify (pb=0x13ea250, pw_change=1, old_pw=0x0) at ldap/servers/slapd/modify.c:968
#2  0x0000003c9208867e in do_modify (pb=0x13ea250) at ldap/servers/slapd/modify.c:408
#3  0x00000000004146d4 in connection_dispatch_operation () at ldap/servers/slapd/connection.c:594
#4  connection_threadmain () at ldap/servers/slapd/connection.c:2360
#5  0x00000036e4c29c13 in _pt_root (arg=0x1419ee0) at ../../../nspr/pr/src/pthreads/ptthread.c:212
#6  0x00000036e2c07aa1 in start_thread (arg=0x7f084e1fc700) at pthread_create.c:301
#7  0x00000036e28e8aad in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

This affects all versions of DS. It was reported on RHEL 6.8.

Mark, if target milestone needs to be 1.2.11, please feel free to update it. Thanks!

4cbde48..5223058 master -> master
commit 5223058
Author: Mark Reynolds mreynolds@redhat.com
Date: Tue Aug 30 14:25:15 2016 -0400

c9dc154..e2f2d74 389-ds-base-1.3.4 -> 389-ds-base-1.3.4
commit e2f2d74

30ecd3c..509b296 389-ds-base-1.3.3 -> 389-ds-base-1.3.3
commit 509b296

11dc556..3cc75cd 389-ds-base-1.3.2 -> 389-ds-base-1.3.2
commit 3cc75cd

dba6ff0..840cfbf 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
commit 840cfbf

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
- Issue set to the milestone:

4 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2034

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)

7 months ago

Login to comment on this ticket.