[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#8092) slapd crash with sasl auxprop and empty suffix
- To: openldap-its@OpenLDAP.org
- Subject: (ITS#8092) slapd crash with sasl auxprop and empty suffix
- From: ryan@nardis.ca
- Date: Thu, 26 Mar 2015 04:51:44 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Full_Name: Ryan Tandy
Version: master, 2.4
OS: Debian
URL:
Submission from: (NULL) (24.68.37.4)
Based on a Debian bug report: https://bugs.debian.org/781162
./configure --enable-spasswd
cat > slapd.conf << EOF
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
database mdb
directory .
suffix ""
EOF
slapadd -f slapd.conf << EOF
dn: dc=com
objectClass: domain
dn: dc=example,dc=com
objectClass: domain
dn: uid=test,dc=example,dc=com
objectClass: account
objectClass: simpleSecurityObject
userPassword: {SASL}test@EXAMPLE.COM
EOF
ldapwhoami -x -D uid=test,dc=example,dc=com
Enter LDAP Password:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffeebab700 (LWP 28815)]
__strcmp_ssse3 () at ../sysdeps/x86_64/multiarch/../strcmp.S:210
210 ../sysdeps/x86_64/multiarch/../strcmp.S: No such file or directory.
(gdb) bt
#0 __strcmp_ssse3 () at ../sysdeps/x86_64/multiarch/../strcmp.S:210
#1 0x0000000000441689 in select_backend (dn=0x7fffeebaa1a8, noSubs=1) at
backend.c:704
#2 0x000000000049c7c2 in slap_auxprop_lookup (glob_context=0x0,
sparams=0x7fffe0001cd0, flags=0,
user=0x7fffe0001861 "test@EXAMPLE.COM", ulen=16) at sasl.c:370
#3 0x00007ffff7bc463b in _sasl_auxprop_lookup (sparams=0x7fffe0001cd0,
flags=flags@entry=0,
user=0x7fffe0001861 "test@EXAMPLE.COM", ulen=16) at ../../lib/auxprop.c:959
#4 0x00007ffff7bc5467 in _sasl_auxprop_lookup_user_props
(oparams=0x7fffe0001330, flags=3, conn=0x7fffe0000ac0)
at ../../lib/canonusr.c:220
#5 _sasl_canon_user_lookup (conn=conn@entry=0x7fffe0000ac0,
user=user@entry=0x7fffe0001460 "test@EXAMPLE.COM",
ulen=ulen@entry=0, flags=flags@entry=3,
oparams=oparams@entry=0x7fffe0001330) at ../../lib/canonusr.c:281
#6 0x00007ffff7bc5d39 in auxprop_verify_password (conn=0x7fffe0000ac0,
userstr=0x7fffe0001460 "test@EXAMPLE.COM",
passwd=0x7fffe0002696 "asdf", service=<optimized out>, user_realm=<optimized
out>) at ../../lib/checkpw.c:159
#7 0x00007ffff7bcee78 in _sasl_checkpass (conn=conn@entry=0x7fffe0000ac0,
user=0x7fffe0001460 "test@EXAMPLE.COM",
userlen=userlen@entry=16, pass=pass@entry=0x7fffe0002696 "asdf",
passlen=passlen@entry=4)
at ../../lib/server.c:1922
#8 0x00007ffff7bd1e50 in sasl_checkpass (conn=0x7fffe0000ac0, user=<optimized
out>, userlen=16,
pas3D0x0x7fffe0002696 "asdf", passlen=4) at ../../lib/server.c:1989
#9 0x000000000049e4db in chk_sasl (sc=0x8cac98, passwd=0x7fffeebaa8a0,
cred=0x7fffe0002700, text=0x7fffeebaaae0)
at sasl.c:990
#10 0x0000000000535278 in lutil_passwd (passwd=0x7fffe0003188,
cred=0x7fffe0002700, schemes=0x0, text=0x7fffeebaaae0)
at passwd.c:327
#11 0x0000000000474aa6 in slap_passwd_check (op=0x7fffe00026b0,
e=0x7fffe0002f28, a=0x7fffe0002fa8,
cred=0x7fffe0002700, text=0x7fffeebaaae0) at passwd.c:529
#12 0x00000000005088e7 in mdb_bind (op=0x7fffe00026b0, rs=0x7fffeebaaac0) at
bind.c:120
#13 0x00000000004584f6 in fe_op_bind (op=0x7fffe00026b0, rs=0x7fffeebaaac0) at
bind.c:383
#14 0x0000000000457bb4 in do_bind (op=0x7fffe00026b0, rs=0x7fffeebaaac0) at
bind.c:205
#15 0x000000000042f68a in connection_operation (ctx=0x7fffeebaabf0,
arg_v=0x7fffe00026b0) at connection.c:1134
#16 0x000000000042fc3a in connection_read_thread (ctx=0x7fffeebaabf0, argv=0xc)
at connection.c:1280
#17 0x00000000005401bf in ldap_int_thread_pool_wrapper (xpool=0x8b83c0) at
tpool.c:958
#18 0x00007ffff74750a4 in start_thread (arg=0x7fffeebab700) at
pthread_create.c:309
#19 0x00007ffff71aa04d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:111
I don't know how auxprop is intended to be configured; I'm going to follow up on
that when I have time. This is just about a segv that happens when
pwcheck_method is auxprop (the default) and the suffix is the empty string.