[Date Prev][Date Next] [Chronological] [Thread] [Top]

slapd segfaults on bad filter (ITS#854)



Full_Name: Mat
Version: 2.0.6
OS: Linux
URL: 
Submission from: (NULL) (193.251.34.135)


OpenLDAP 2.0.6, configured with --enable-sql --enable-debug

prompt> /usr/local/libexec/slapd -d 1
[...]
slapd starting

The server answers a request correctly if asked for objectClass=* for
instance.

Now, if we try:
ldapsearch -b 'o=example,c=com' -D <rootdn> -w <rootpw> 'foo=bar'
-h127.0.0.1

*** slapd trace:
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 43 contents:
ber_get_next
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
do_bind
ber_scanf fmt ({iat) ber:
ber_scanf fmt (o}) ber:
do_bind: version=3 dn="<rootdn>" method=128
==>backsql_bind()
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=97 err=0
ber_flush: 14 bytes to sd 10
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 53 contents:
deferring operation
ber_get_next
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
<==backsql_bind()
do_bind: v3 bind: "<rootdn>" to "<ROOTDN>"
send_ldap_result: conn=0 op=0 p=3
send_ldap_response: msgid=1 tag=97 err=0
ber_flush: 14 bytes to sd 10
do_search
ber_scanf fmt ({aiiiib) ber:
ber_scanf fmt ({oo}) ber:
ber_scanf fmt ({v}}) ber:
==>backsql_search(): base='O=EXAMPLE,C=COM', filter='(badfilter)',
scope=2, deref=0, attrsonly=0, attributes to load: all
==>backsql_get_db_conn()
==>backsql_open_db_conn()
backsql_open_db_conn(): connected, adding to tree
<==backsql_open_db_conn()
<==backsql_get_db_conn()
==>backsql_oc_get_candidates(): oc='document'
==>backsql_srch_query()
==>backsql_process_filter()
zsh: segmentation fault  /usr/local/libexec/slapd -d 1

*** client output:
version: 2

#
# filter: foo=bar
# requesting: ALL
#

ldap_result: Can't contact LDAP server