[Date Prev][Date Next]
(ITS#7759) Wrong parsing of LDAP message
Full_Name: Lukas Slebodnik
Submission from: (NULL) (18.104.22.168)
We(sssd) have an upstream ticket with crash.
But after investigation, it was not problem in sssd, but in ldap library.
sssd_be: ../../../libraries/liblber/io.c:108: ber_write: Assertion `buf !=
((void *)0)' failed.
I think that problem is partially in user LDAP server, because server send wrong
response for user binding with password policy. But on the other hand
ldap_parse_result should not return LDAP_SUCCESS if incoming message is
malformed, because it was a reason why 2nd ldap function
ldap_parse_passwordpolicy_control crashed with abort.
Reporter uses old ldap library on Centos 6.4, but I was able to reproduce with
libraries from the latest version from git repo(master branch)
I uploaded tarball Lukas-Slebodnik-131205.tar.gz with patch and two files with
client-server communication (hexdump from wireshark). 1st with enabled password
policy on server and 2nd with disabled PP. Problem occurs only with enabled