#49890 ldapsearch with server side sort crashes the ldap server
Closed: wontfix 5 years ago Opened 5 years ago by mreynolds.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1607078

Description of problem:
Any authenticated user doing a search using ldapsearch with extended controls for server side sorting is bringing down the ldap server itself.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.7.5-18.el7.x86_64.rpm

How reproducible:
- Always reproducible


Steps to Reproduce:
- Just install the rpm with some sample data
- Run the below ldapsearch
ldapsearch -D"cn=Directory Manager" -W -E sss=uid:2.5.13.3

Actual results:
# ldapsearch -D"cn=Directory Manager" -W -E sss=uid:2.5.13.3 > /dev/null
Enter LDAP Password:
ldap_result: Can't contact LDAP server (-1)
#

- System logs show the server is no longer responding
Jul 21 14:33:37 ipa-lab-vm-01 ns-slapd: [21/Jul/2018:14:33:37.566302429 +0000] - WARN - default_mr_indexer_create - Plugin [caseExactIA5Match] does not handle 2.5.13.3
Jul 21 14:33:37 ipa-lab-vm-01 ns-slapd: [21/Jul/2018:14:33:37.571733926 +0000] - WARN - default_mr_indexer_create - Plugin [caseIgnoreIA5Match] does not handle 2.5.13.3
Jul 21 14:33:38 ipa-lab-vm-01 kernel: ns-slapd[31886]: segfault at 0 ip 00007f301a986d5d sp 00007f2fd38057b0 error 4 in libback-ldbm.so[7f301a90d000+a0000]
Jul 21 14:33:38 ipa-lab-vm-01 systemd: dirsrv@XXXXXXXXXXXXX-NET.service: main process exited, code=killed, status=11/SEGV
Jul 21 14:33:38 ipa-lab-vm-01 systemd: Unit dirsrv@XXXXXXXXXXX-NET.service entered failed state.
Jul 21 14:33:38 ipa-lab-vm-01 systemd: dirsrv@XXXXXXXXX-NET.service failed.


Expected results:
- If the ldapserver cannot provide extended controls, it should throw an error,
but should not crash
- This issue is allowing any authenticated user to bring down the server, by
just running a query


Additional info:
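
Added example, not part of the ticket or of the 389-ds-base code: one way to spot the crash signature shown under "Actual results" in syslog, by pairing an ns-slapd segfault with a `default_mr_indexer_create` warning logged on the same host in the preceding seconds. The sample lines, the host name `ds-host`, the 5-second window, the `year` parameter (syslog stamps carry no year) and the function name are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample, modeled on the log format quoted in the ticket.
SAMPLE = """\
Jul 21 14:33:37 ds-host ns-slapd: [21/Jul/2018:14:33:37.566302429 +0000] - WARN - default_mr_indexer_create - Plugin [caseExactIA5Match] does not handle 2.5.13.3
Jul 21 14:33:37 ds-host ns-slapd: [21/Jul/2018:14:33:37.571733926 +0000] - WARN - default_mr_indexer_create - Plugin [caseIgnoreIA5Match] does not handle 2.5.13.3
Jul 21 14:33:38 ds-host kernel: ns-slapd[31886]: segfault at 0 ip 00007f301a986d5d sp 00007f2fd38057b0 error 4 in libback-ldbm.so[7f301a90d000+a0000]
Jul 21 14:33:38 ds-host systemd: dirsrv@EXAMPLE.service: main process exited, code=killed, status=11/SEGV
Jul 21 15:10:02 ds-host ns-slapd: [21/Jul/2018:15:10:02.000000001 +0000] - WARN - default_mr_indexer_create - Plugin [caseExactIA5Match] does not handle 2.5.13.3
"""

STAMP = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) (.*)$")
MR_WARN = re.compile(r"default_mr_indexer_create - Plugin \[(\S+)\] does not\s+handle (\S+)")
SEGV = re.compile(r"kernel: ns-slapd\[(\d+)\]: segfault at \S+ .* in (\S+?)\[")

def find_sort_crashes(text, window=timedelta(seconds=5), year=2018):
    """Return one dict per ns-slapd segfault preceded, within `window` and on
    the same host, by an unhandled-matching-rule warning."""
    warnings, hits = [], []
    for line in text.splitlines():
        m = STAMP.match(line)
        if not m:
            continue  # not a syslog-stamped line
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        host, rest = m.group(2), m.group(3)
        w = MR_WARN.search(rest)
        if w:
            warnings.append((ts, host, w.group(1), w.group(2)))
            continue
        s = SEGV.search(rest)
        if s:
            # Only warnings at or before the crash, inside the window, count.
            near = [x for x in warnings
                    if x[1] == host and timedelta(0) <= ts - x[0] <= window]
            if near:
                hits.append({"time": ts, "host": host, "pid": int(s.group(1)),
                             "library": s.group(2),
                             "plugins": sorted({x[2] for x in near}),
                             "oids": sorted({x[3] for x in near})})
    return hits

if __name__ == "__main__":
    for hit in find_sort_crashes(SAMPLE):
        print(hit)
```

A warning with no segfault after it (the 15:10:02 line in the sample) is not reported, so the check fires only when the process actually died.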

Metadata Update from @mreynolds:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1607078

5 years ago

Metadata Update from @mreynolds:
- Issue assigned to mreynolds

5 years ago

https://pagure.io/389-ds-base/pull-request/49898

This fix just stops the crash, but server side sorting is not working at all. Need to file a new ticket to address that.

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue close_status updated to: fixed
- Issue set to the milestone: 1.3.7.0 (was: 0.0 NEEDS_TRIAGE)
- Issue status updated to: Closed (was: Open)

5 years ago

commit c989e18 (master)

1642dbc..680336a 389-ds-base-1.3.8 -> 389-ds-base-1.3.8

b8d9157..063455b 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2949

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)

3 years ago
