[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7759) Wrong parsing of LDAP message

To: openldap-its@OpenLDAP.org
Subject: (ITS#7759) Wrong parsing of LDAP message
From: lslebodn@redhat.com
Date: Thu, 5 Dec 2013 17:22:25 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Lukas Slebodnik
Version: 2.4.38
OS: Fedora
URL: ftp://ftp.openldap.org/incoming/Lukas-Slebodnik-131205.tar.gz
Submission from: (NULL) (209.132.186.34)


We(sssd) have an upstream ticket with crash.
https://fedorahosted.org/sssd/ticket/2134
But after investigation, it was not problem in sssd, but in ldap library.

sssd_be: ../../../libraries/liblber/io.c:108: ber_write: Assertion `buf !=
((void *)0)' failed.

I think that problem is partially in user LDAP server, because server send wrong
response for user binding with password policy. But on the other hand
ldap_parse_result should not return LDAP_SUCCESS if incoming message is
malformed, because it was a reason why 2nd ldap function
ldap_parse_passwordpolicy_control crashed with abort.

Reporter uses old ldap library on Centos 6.4, but I was able to reproduce with
libraries from the latest version from git repo(master branch)

I uploaded tarball Lukas-Slebodnik-131205.tar.gz with patch and two files with
client-server communication (hexdump from wireshark). 1st with enabled password
policy on server and 2nd with disabled PP. Problem occurs only with enabled
password policy.

Prev by Date: Re: (ITS#7758) slapcat exports entire databases when given a non-existent base
Next by Date: (ITS#7760) query of a field with alias returns a different attribute name from requested
Index(es):
- Chronological
- Thread