[Date Prev][Date Next]
Re: (ITS#7759) Wrong parsing of LDAP message
> Full_Name: Lukas Slebodnik
> Version: 2.4.38
> OS: Fedora
> URL: ftp://ftp.openldap.org/incoming/Lukas-Slebodnik-131205.tar.gz
> Submission from: (NULL) (220.127.116.11)
Fixed now in git master.
> We(sssd) have an upstream ticket with crash.
> But after investigation, it was not problem in sssd, but in ldap library.
> sssd_be: ../../../libraries/liblber/io.c:108: ber_write: Assertion `buf !=
> ((void *)0)' failed.
> I think that problem is partially in user LDAP server, because server send wrong
> response for user binding with password policy. But on the other hand
> ldap_parse_result should not return LDAP_SUCCESS if incoming message is
> malformed, because it was a reason why 2nd ldap function
> ldap_parse_passwordpolicy_control crashed with abort.
> Reporter uses old ldap library on Centos 6.4, but I was able to reproduce with
> libraries from the latest version from git repo(master branch)
> I uploaded tarball Lukas-Slebodnik-131205.tar.gz with patch and two files with
> client-server communication (hexdump from wireshark). 1st with enabled password
> policy on server and 2nd with disabled PP. Problem occurs only with enabled
> password policy.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/