[Date Prev][Date Next] [Chronological] [Thread] [Top]

=+= bug (ITS#273)

Hi Guys,

I think I know where the problem is coming from.

When doing a pattern search, slapd escapes the search string and
passes it to the regex library.  The function
servers/slapd/filterentry.c:strcpy_special() is supposed to escape
chars which the regex library would otherwise construe as special,
such as [],*,., etc.

Here's the bug: filterentry.c:test_substring_filter() calls
regcomp(re,pat,0).  The '0' selects POSIX Basic Regular Expression
syntax.  In my regex library, that means that '+' is an oridinary
char, while '\+' is a meta for match-one-or-more-times.
strcpy_special() translates '+' into '\+', converting it from an
oridinary char to a regex meta.

So, *=+= matches ===, ====, etc, but _not_ =+=

A bug in openldap, or a bug in glibc?  Who knows?  I have a new script
(hopefully it will work on your system) to demonstrate this.


#! /bin/sh
# bug-openldap-search-=+=
# Noel Burton-Krahn <noel@burton-krahn.com>
# Aug 23, 1999
# This script reproduces a bug in openldap.  It seems that sometimes
# vals which contain the sting '=+=' cannot be found with wildcards.
echo "testing ldap server at $LDAP_HOST:$LDAP_PORT"
echo -n "date: "

ldapadd -c -v -p "$LDAP_PORT" -D "$LDAP_BIND" -w "$LDAP_PASS" <<EOF
dn: cn=noel-bug-not-found,$LDAP_BASE
cn: not-found
sn: noel-bug
badsearch: =+=
description: This will not be found by '*=+='

dn: cn=noel-bug-found-wrong,$LDAP_BASE
cn: found-wrong
sn: noel-bug
badsearch: ===
description: This will be found by '*=+='


echo "search: $search should work"
ldapsearch -p "$LDAP_PORT" -b "$LDAP_BASE" $search

echo "search: $search should work"
ldapsearch -p "$LDAP_PORT" -b "$LDAP_BASE" $search

for search in "*=+=" "*=+=*" "=+=*"; do
    echo "search: $search should work (BUG: it doesn't)"
    ldapsearch -p "$LDAP_PORT" -b "$LDAP_BASE" $search

ldapsearch -p "$LDAP_PORT" -L sn=noel-bug dn | 
sed -n -e 's/^dn: //p' |
xargs -i ldapdelete -v -p "$LDAP_PORT" -D "$LDAP_BIND" -w "$LDAP_PASS" {}