OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Software Bugs/7477
Full headers

From: marco.pizzoli@gmail.com
Subject: ldapmodify core dumps
Compose comment
Download message
State:
0 replies:
1 followups: 1

Major security issue: yes  no

Notes:

Notification:


Date: Wed, 19 Dec 2012 13:20:22 +0000
From: marco.pizzoli@gmail.com
To: openldap-its@OpenLDAP.org
Subject: ldapmodify core dumps
Full_Name: Marco Pizzoli
Version: RE24 as of  2012/12/12
OS: Linux x86_64
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (194.11.209.11)


I composed an erroneous ldif file to modify an entry, I executed the ldapmodify
operation and the ldapmodify tool core dumped.

I can't provide the core dump, I'm sorry.

 
These are both the ldif  and the cmdline I used:

------------------------
dn: cn=my name,ou=my_ou,dc=mydc
changetype: add
add: objectClass
objectClass: posixAccount
-
add: userPassword
userPassword: {SASL}user@domain.dc
-
------------------------

ldapmodify -vvvv -x cn=my_admin -wpassword -h 127.0.0.1 -p 389 -f file.ldif
ldap_initialize( ldap://127.0.0.1:389 )
Segmentation fault (core dumped)

Followup 1

Download message
Date: Wed, 19 Dec 2012 09:15:49 -0800
From: Howard Chu <hyc@symas.com>
To: marco.pizzoli@gmail.com, openldap-its@openldap.org
Subject: Re: (ITS#7477) ldapmodify core dumps
marco.pizzoli@gmail.com wrote:
> Full_Name: Marco Pizzoli
> Version: RE24 as of  2012/12/12
> OS: Linux x86_64
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (194.11.209.11)
>
>
> I composed an erroneous ldif file to modify an entry, I executed the
ldapmodify
> operation and the ldapmodify tool core dumped.
>
> I can't provide the core dump, I'm sorry.

Thanks for the report, fixed now in master.
>
>
> These are both the ldif  and the cmdline I used:
>
> ------------------------
> dn: cn=my name,ou=my_ou,dc=mydc
> changetype: add
> add: objectClass
> objectClass: posixAccount
> -
> add: userPassword
> userPassword: {SASL}user@domain.dc
> -
> ------------------------
>
> ldapmodify -vvvv -x cn=my_admin -wpassword -h 127.0.0.1 -p 389 -f file.ldif
> ldap_initialize( ldap://127.0.0.1:389 )
> Segmentation fault (core dumped)
>
>


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/


Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org