[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_modify (ITS#238)

> Full_Name: Howard B Young
> Version: 1.2.4
> OS: solaris 2.6
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> Hello;
>   Starting with 1.2.4, a call to ldap_modify that contains a LDAPMod with a
> LDAP_MOD_DELETE request that tries to delete an attribute by passing a NULL
> mod_values or mod_bvalues causes the server to die with a segmentation error.
> Looks like the routine index_change_values in server/slapd/back-ldbm/index.c
> successfully performs an ldbm_cache_open and looks for attibutes to be deleted
> by
> means of a for loop that starts
>    for (i = 0; vals[i] != NULL; i++) {
> without checking for the possibilty that vals itself is NULL. Changing the line
> to
>    for (i = 0; (vals != NULL) && (vals[i] !=NULL); i++) {
> corrects the problem.  

Thanks for reporting this -- I've been compiling like crazy on two different
platforms trying to determine if this my mistake or not.

Another note on this:  on Alpha OSF 4.0e with LDBM=db2 (2.7.5), ldap_modify
appears to delete an attribute regardless of whether it violates objectclass
requirements.  From looking at the code in back-ldbm/modify.c, it looks like
all the add/delete/modify operations are performed *before* the schema check.
Then if the schema check fails, it returns (before updating indexes).

The result is that the operations is performed and the client receives and
error.  I've been experimenting with performing a "delete" operation on
the "cn" attribute of a "person" object.  At first it was just dumping
core.  After the patches to fix ITS#238 above, it no longer core-dumps
but rather does the above.

What has me baffled is that this all seems to work correctly on Solaris.
With the same version of the software, if I try to delete the cn attribute
from an object that requires it, I get an objectclass violation and the
attributes remains in the database.

Would somebody please take a look at this code and tell me if I'm going

Randy Kunkee
NeoSoft Inc.