[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6504) Corrupted control value when using pagedresults with subordinate *ldap* database

Full_Name: Jonathan Clarke
Version: RE24
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

This is similar to ITS #5191 (http://www.openldap.org/its/?findid=5191), except
it happens with a subordinate LDAP database.

Consider this configuration :
database    ldap
suffix      "o=test,o=sub"
uri         "ldap://localhost:1234";
idassert-bind   mode=none bindmethod=simple flags=prescriptive timeout=0
network-timeout=0 binddn="cn=svc,o=test" credentials="verysecret"
idassert-authzFrom dn.regex:.*
single-conn yes 

overlay rwm 
rwm-suffixmassage "o=test,o=sub" "o=test"

database    null
suffix      "o=sub"
rootdn      "cn=Manager,o=sub"
rootpw      secret
overlay glue

A search with pagedResults control returns results as expected, but with a
response control containing some garbage:

result: 0 Success

Some gdb'ing shows that backglue copies over the pointers to rs->sr_ctrls into
glue_state->ctrls. But then, back-ldap's ldap_back_search does a
ldap_controls_free() on rs->sr_ctrls. And so, the returned control contains
garbage (mostly).

I haven't been able to come up with a patch yet, just commenting line 454 of
back-ldap/search.c works. Running out of time for now...