[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#6947) ldapadd crashes with LDIFs with invalid line termination
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6947) ldapadd crashes with LDIFs with invalid line termination
- From: hyc@symas.com
- Date: Sat, 4 Jun 2011 02:27:53 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
jvcelak@redhat.com wrote:
> Full_Name: Jan Vcelak
> Version: 2.4.25
> OS: Linux
> URL: ftp://ftp.openldap.org/incoming/jvcelak-20110519-ldif-countlines.patch
> Submission from: (NULL) (209.132.186.34)
>
>
> Hello,
>
> adding entries to LDAP database from file using ldapadd tool causes memory
> corruption error, when the last line of the input file is not terminated by '\n'
> character.
Don't do that.
The LDIF specification says that all LDIF elements are terminated by SEP (CR
LF or LF). Anything not conforming to this is not valid LDIF. As usual,
garbage-in-garbage-out.
The entries are added correctly.
>
> All version since 2.4.23 are affected.
>
> $ cat>/tmp/input.ldif<< EOF
>> dn: cn=A,dc=my-domain,dc=com
>> objectClass: inetOrgPerson
>> objectClass: organizationalPerson
>> objectClass: person
>> objectClass: top
>> cn: A
>> sn: A
>> uid: A
>> mail: A@example.com
>> EOF
> $ wc -c /tmp/input.ldif
> 166 /tmp/input.ldif
> $ truncate -s 165 /tmp/input.ldif
> $ hexdump -c /tmp/input.ldif
> 0000000 d n : c n = A , d c = m y - d
> 0000010 o m a i n , d c = c o m \n o b j
> 0000020 e c t C l a s s : i n e t O r
> 0000030 g P e r s o n \n o b j e c t C l
> 0000040 a s s : o r g a n i z a t i o
> 0000050 n a l P e r s o n \n o b j e c t
> 0000060 C l a s s : p e r s o n \n o b
> 0000070 j e c t C l a s s : t o p \n c
> 0000080 n : A \n s n : A \n u i d :
> 0000090 A \n m a i l : A @ e x a m p l
> 00000a0 e . c o m
> 00000a5
> $ ldapadd -H ldap:// -D cn=Manager,dc=my-domain,dc=com -x -w password -f
> /tmp/input.ldif
> adding new entry "cn=A,dc=my-domain,dc=com"
>
> *** glibc detected *** ldapadd: free(): invalid pointer: 0x0000000001c435c8 ***
> ======= Backtrace: =========
> /lib64/libc.so.6[0x3626e76d63]
> ldapadd[0x404505]
> /lib64/libc.so.6(__libc_start_main+0xfd)[0x3626e1ee5d]
> ldapadd[0x4037e9]
> ======= Memory map: ========
> ...
>
> I am attaching proposed patch, which fixes this issue.
The patch uses a GNU-specific function. Since GLIBC is not supported on all of
the platforms OpenLDAP supports, the patch is not acceptable as-is.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/