[Date Prev][Date Next] [Chronological] [Thread] [Top]

JNDI and multiple adds corrupts DB (ITS#2152)

Full_Name: Quanah Gibson-Mount
Version: 2.1.5
OS: Solaris 8
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

System setup:

cyrus-sasl 2.1.7
Berkeley DB 4.0.14 + Openldap suggested patches
Kerberos5 1.2.1
Openldap 2.1.5
Openssl 0.9.6g
OS: Solaris 8

Following is example code snippet:

I attach the whole code. The crash happens at the red line. Could you try to
add same given name twice? Maybe the same value caused the crash. The
different value works. I should try to avoid it in the program, but it is
better not crash the directory. Some Error message will be better.

       name = "suRegID=118217f4e76411d184232436000baa77, cn=People,
dc=Stanford, dc=edu";

        // Specify the changes to make
        ModificationItem[] mods = new ModificationItem[3];

        mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
        new BasicAttribute("displayName", "Minh's Nguyen"));

        mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
        new BasicAttribute("suDisplaynameLF", "Nguyen, Minh-Thih"));

        mods[2] = new ModificationItem(DirContext.ADD_ATTRIBUTE,
        new BasicAttribute("givenName", "Minh"));

        // Perform the requested modifications on the named object
        ctx.modifyAttributes(name, mods);

When JNDI is used to perform an add when a value already exists (In this case,
givenName is already in the directory entry), slapd dies, and the DB is
corrupted.  Obviously, you would expect someone to use replace instead of add. 
Doing this on the command line properly comes back with an error message.