OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Incoming/7442
Full headers

From: tixu@cs.ucsd.edu
Subject: Data range of index_intlen
Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Sat, 17 Nov 2012 00:19:49 +0000
From: tixu@cs.ucsd.edu
To: openldap-its@OpenLDAP.org
Subject: Data range of index_intlen
Full_Name: Tianyin Xu
Version: 2.4.33
OS: Ubuntu 12.04 (actually doesn't matter)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2607:f720:1300:1241:590b:49c:889f:7b21)


Hi, all,

I suggest to make the verbosity upon changing users' configuration settings,
especially some of the configuration specifications are not written in the
manpage. It's too strong to assume that all the users carefully read the source
code. This can save users' time to diagnose why slapd does not behave as their
expectation.

This ITS is for the "index_intlen" directive. 

---------- What the manpage says ----------

index_intlen <integer>

Specify  the  key  length  for ordered integer indices. The most
significant bytes of the binary integer will be used  for  index
keys.  The default value is 4, which provides exact indexing for
31 bit values.  A floating point representation is used to index
too large values.

------------------------------------------------------

Actually, 4 is not only the default value but also the minimum value. From the
source code, I knew the index_intlen is with the data range [4, 255]. Any
out-of-range value will be converted to the boundaries without notifying users.

Here's the patch I proposed:

--- ../openldap-2.4.33/servers/slapd/bconfig.c      2012-10-10
05:18:49.000000000 -0700
+++ servers/slapd/bconfig.c     2012-11-16 14:10:40.111362005 -0800
@@ -1754,10 +1754,16 @@
                        break;
 
                case CFG_IX_INTLEN:
-                       if ( c->value_int < SLAP_INDEX_INTLEN_DEFAULT )
+                       if ( c->value_int < SLAP_INDEX_INTLEN_DEFAULT ) {
+                                snprintf( c->cr_msg, sizeof(c->cr_msg),
"index_intlen=%d smaller than minimum value %d --> auto convert to the
minimum.",  c->value_int, SLAP_INDEX_INTLEN_DEFAULT);
+                                Debug(LDAP_DEBUG_ANY, "%s: %s.\n", c->log,
c->cr_msg, 0);
                                c->value_int = SLAP_INDEX_INTLEN_DEFAULT;
-                       else if ( c->value_int > 255 )
+                       }
+                       else if ( c->value_int > 255 ) {
+                                snprintf( c->cr_msg, sizeof(c->cr_msg),
"index_intlen=%d larger than maximum value 255 --> auto convert to the
maximum.",  c->value_int);
+                                Debug(LDAP_DEBUG_ANY, "%s: %s.\n", c->log,
c->cr_msg, 0);
                                c->value_int = 255;
+                       }
                        index_intlen = c->value_int;
                        index_intlen_strlen = SLAP_INDEX_INTLEN_STRLEN(
                                index_intlen );


Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org