[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: segmentation fault during authentication



On Fri, 18 Oct 2002, Kurt D. Zeilenga wrote:

> At 10:04 AM 2002-10-18, Greg Rowe wrote:
> >I am new to openldap so I am writing to the list rather than
> >submitting a bug report since I may be in error.
> >
> >I've discovered a way to make slapd seg fault.
> >
> >Using ldap_add() in a php4 script I made a userPassword attribute on a
> >posixAccount object contain "{SSHA}clearTextPassword".  Now, when I
> >attempt to bind using that object slapd seg faults.
>
> Sounds like a bug in the version of slapd(8) you are using.
>
> >The version of slapd is 2.0.23.
>
> Before reporting the bug, you should confirm that the problem
> exists in a current release version (2.0.27 or 2.1.7) of
> OpenLDAP Software.  If you can repeat it, please provide
> a stack back trace (gdb 'bt') from the core dump with the
> report.

I installed openldap 2.0.27 and was able to reproduce the problem.
The bug is if you put a string of the form
"{SSHA}Some_string_that_is_not_a_valid_hash" in the userPassword
attribute and then try to bind using that dn slapd will crash.  I will
fill out a bug report.

The backtrace is:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 2051 (LWP 16430)]
0x40188cad in memmove () from /lib/libc.so.6
(gdb) bt
#0  0x40188cad in memmove () from /lib/libc.so.6
#1  0x0807fa4d in strcpy ()
#2  0x080814b6 in strcpy ()
#3  0x0807f2b0 in strcpy ()
#4  0x0807ef3e in strcpy ()
#5  0x0806550b in strcpy ()
#6  0x08073c63 in strcpy ()
#7  0x0805d2cb in strcpy ()
#8  0x0804e87c in strcpy ()
#9  0x08082c02 in strcpy ()
#10 0x401060ba in pthread_start_thread () from /lib/libpthread.so.0
#11 0x40106101 in pthread_start_thread_event () from
/lib/libpthread.so.0
(gdb)


-- 
Greg Rowe
for((i = 0; i < 3; i++)); do
     echo There\'s no place like ~
done