[Date Prev][Date Next] [Chronological] [Thread] [Top]

invalid group dn causes segfault in slapd (ITS#2467)



Full_Name: Quanah Gibson-Mount
Version: 2.1.17+index patch
OS: Solaris 8
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (171.64.19.82)


Hello,

I (accidently) found that if I have an invalid group dn in my ACL's (i.e., it
does not exist in the BDB database), that slapd will segfault when it attempts
to enumerate its members.

Example in my slapd.acl file:

access to dn.children="cn=People,dc=stanford,dc=edu"
filter=(suvisibidentity=stanford) attr=cn,sn,title,suothername,objectclass
by
  group.base="cn=Whois,cn=Applications,dc=stanford,dc=edu" read

where that group does not exist in my db.

--Quanah