Full_Name: SATOH Fumiyasu Version: master OS: URL: ftp://ftp.openldap.org/incoming/0001-Fix-segfault-by-constraint_attribute-attr-size-count.patch Submission from: (NULL) (240b:10:2640:bf0:2268:9dff:fec7:5444) If slapd.conf has the following config, slapd segfault at startup. overlay constraint constraint_attribute memberUid size 0 # or constraint_attribute memberUid count 0
On Fri, Jan 10, 2014 at 04:40:39AM +0000, fumiyas@osstech.co.jp wrote: > If slapd.conf has the following config, slapd segfault at startup. > > overlay constraint > constraint_attribute memberUid size 0 > # or > constraint_attribute memberUid count 0 Hi, I've uploaded a fix to this issue and #7781 to ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20140915-ITS-7780-7781.tgz could you confirm it fixes the issues for you? The above patch is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the above patches were developed by Ondřej Kuzník <ondra@mistotebe.net>. I have not assigned rights and/or interest in this work to any party. I, Ondřej Kuzník, hereby place the above modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice. Cheers, Ondrej
changed notes changed state Open to Test moved from Incoming to Contrib
changed notes changed state Test to Open moved from Contrib to Incoming
Hello Ondrej, I tried your patch but it breaks test064-constraint. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Test moved from Incoming to Software Bugs
On Wed, Dec 17, 2014 at 03:33:32PM +0000, hyc@symas.com wrote: > Hello Ondrej, > I tried your patch but it breaks test064-constraint. Hi Howard, there is useless code that caused it to read an unitialized variable. A fix removing that code is at ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20141218-ITS-7781.patch Thanks for identifying and fixing the problem in the meantime.
On Thu, Dec 18, 2014 at 09:42:18PM +0000, ondra@mistotebe.net wrote: > Hi Howard, > there is useless code that caused it to read an unitialized variable. A > fix removing that code is at > ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20141218-ITS-7781.patch Nevermind that, that code is needed and I should be running static analysers more often when it's late.
ondra@mistotebe.net wrote: > On Wed, Dec 17, 2014 at 03:33:32PM +0000, hyc@symas.com wrote: >> Hello Ondrej, >> I tried your patch but it breaks test064-constraint. > > Hi Howard, > there is useless code that caused it to read an unitialized variable. A > fix removing that code is at > ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20141218-ITS-7781.patch > > Thanks for identifying and fixing the problem in the meantime. > Ok. But looking at this patch, the lines in question actually are needed, since they take care of errors in the cases for CONSTRAINT_COUNT and CONSTRAINT_SET. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
hyc@symas.com wrote: > ondra@mistotebe.net wrote: >> On Wed, Dec 17, 2014 at 03:33:32PM +0000, hyc@symas.com wrote: >>> Hello Ondrej, >>> I tried your patch but it breaks test064-constraint. >> >> Hi Howard, >> there is useless code that caused it to read an unitialized variable. A >> fix removing that code is at >> ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20141218-ITS-7781.patch >> >> Thanks for identifying and fixing the problem in the meantime. >> > Ok. But looking at this patch, the lines in question actually are > needed, since they take care of errors in the cases for CONSTRAINT_COUNT > and CONSTRAINT_SET. Just because I'm curious: What's the use-case for setting size and count to zero? If one wants to forbid an attribute completely one should probably use NOT in a DIT content rule for the STRUCTURAL object class. (This does not mean that this shouldn't be fixed though.) Just my 2 cents. Ciao, Michael.
On Fri, Dec 19, 2014 at 02:41:55AM +0000, michael@stroeder.com wrote: > Just because I'm curious: > > What's the use-case for setting size and count to zero? > > If one wants to forbid an attribute completely one should probably use > NOT in a DIT content rule for the STRUCTURAL object class. > (This does not mean that this shouldn't be fixed though.) I personally thought that OpenLDAP did not implement DIT content rules at all.
ondra@mistotebe.net wrote: > On Fri, Dec 19, 2014 at 02:41:55AM +0000, michael@stroeder.com wrote: >> Just because I'm curious: >> >> What's the use-case for setting size and count to zero? >> >> If one wants to forbid an attribute completely one should probably use >> NOT in a DIT content rule for the STRUCTURAL object class. >> (This does not mean that this shouldn't be fixed though.) > > I personally thought that OpenLDAP did not implement DIT content rules > at all. DIT *content* rules are implemented and I'm using NOT quite often to reject attributes I don't need in a deployment. Kind of a local profile for standard schema. DIT *structure* rules and name forms are not supported yet. Ciao, Michael.
changed notes changed state Test to Release
fixed in master fixed in RE25 fixed in RE24
changed notes changed state Release to Closed