openldap-bugs February 2020

openldap-bugs@openldap.org

20 participants
435 discussions

(ITS#9177) Finish the autoconf 2.69 upgrade
by ryan＠openldap.org 28 Feb '20

28 Feb '20

Full_Name: Ryan Tandy Version: master OS: URL: Submission from: (NULL) (70.66.128.207) Submitted by: ryan autoconf 2.69 upgrade was only partially completed. So far we have autoconf (6b81910fc) and autoheader (c2f75cd10). However running autoreconf 2.69 still generates more diffs. At least aclocal still needs to be run. This ITS is a reminder to check what else autoreconf does and check in the remaining changes. In future it might be good practice to get in the habit of running autoreconf instead of just autoconf. It tries and fails to run Automake, but that can probably be addressed (possibly by deleting the AM_INIT_AUTOMAKE call).

1 0

Re: (ITS#8639) Remove support for LANMAN
by michael＠stroeder.com 28 Feb '20

28 Feb '20

On 2/28/20 8:40 PM, ryan(a)nardis.ca wrote: > Are you aware of any scenarios where > sambaLMPassword is actually required today? Personally I'm more inclined > to just delete the code rather than #ifdef it; people can always grab > the older code if they really need that. +1 for hunking out LANMAN hashes completely. Ciao, Michael.

1 0

Re: (ITS#8639) Remove support for LANMAN
by ryan＠nardis.ca 28 Feb '20

28 Feb '20

Hello, On Thu, Feb 20, 2020 at 03:50:38PM +0000, fumiyas(a)osstech.co.jp wrote: >I've created a path for smbk5pwd to disable the insecure sambaLMPassword >support by default. Thanks for this patch. Are you aware of any scenarios where sambaLMPassword is actually required today? Personally I'm more inclined to just delete the code rather than #ifdef it; people can always grab the older code if they really need that.

1 0

Re: (ITS#9171) slapd with ppolicy and pwdAccountLockedTime crashes
by tokos＠ipp.cas.cz 21 Feb '20

21 Feb '20

--000000000000b0a76e059f255a73 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Ondrej, I really appreciate so quick fix. Regards Stanislav p=C3=A1 21. 2. 2020 v 11:49 odes=C3=ADlatel Ond=C5=99ej Kuzn=C3=ADk <ondra@= mistotebe.net> napsal: > On Mon, Feb 17, 2020 at 02:17:32PM +0000, tokos(a)ipp.cas.cz wrote: > > Hi Ondrej, > > > > I uploaded my configuration here(ftp.openldap.org/incoming) : > > Hi Stanislav, > thanks for the information, I have been able to reproduce the issue and > pushed a fix to master (commit 140b676bc1bd786f9fd1e7b047981e84b57cb354). > > Regards, > > -- > Ond=C5=99ej Kuzn=C3=ADk > Senior Software Engineer > Symas Corporation http://www.symas.com > Packaged, certified, and supported LDAP solutions powered by OpenLDAP > --000000000000b0a76e059f255a73 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div>Hi Ondrej,</div><div><br></div><div>=C2=A0 I really a= ppreciate so quick fix. <br></div><div><br></div><div>Regards</div><div><br= ></div><div>Stanislav<br></div></div><br><div class=3D"gmail_quote"><div di= r=3D"ltr" class=3D"gmail_attr">p=C3=A1 21. 2. 2020 v=C2=A011:49 odes=C3=ADl= atel Ond=C5=99ej Kuzn=C3=ADk <<a href=3D"mailto:ondra@mistotebe.net">ond= ra(a)mistotebe.net</a>> napsal:<br></div><blockquote class=3D"gmail_quote"= style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);p= adding-left:1ex">On Mon, Feb 17, 2020 at 02:17:32PM +0000, <a href=3D"mailt= o:tokos@ipp.cas.cz" target=3D"_blank">tokos(a)ipp.cas.cz</a> wrote:<br> > Hi Ondrej,<br> > <br> >=C2=A0 =C2=A0I uploaded my configuration here(<a href=3D"http://ftp.ope= nldap.org/incoming" rel=3D"noreferrer" target=3D"_blank">ftp.openldap.org/i= ncoming</a>) :<br> <br> Hi Stanislav,<br> thanks for the information, I have been able to reproduce the issue and<br> pushed a fix to master (commit 140b676bc1bd786f9fd1e7b047981e84b57cb354).<b= r> <br> Regards,<br> <br> -- <br> Ond=C5=99ej Kuzn=C3=ADk<br> Senior Software Engineer<br> Symas Corporation=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0<a href=3D"http://www.symas.com" rel=3D"noreferr= er" target=3D"_blank">http://www.symas.com</a><br> Packaged, certified, and supported LDAP solutions powered by OpenLDAP<br> </blockquote></div> --000000000000b0a76e059f255a73--

1 0

Re: (ITS#9175) ldapsearch segfault
by quanah＠symas.com 21 Feb '20

21 Feb '20

Thanks for the report, suggested fix has been applied. Regards, Quanah --On Friday, February 21, 2020 8:38 PM +0000 lhaley(a)meditech.com wrote: > --0000000000003b4d37059f1c0189 > Content-Type: text/plain; charset="UTF-8" > Content-Transfer-Encoding: quoted-printable > > footnote: In my first followup, I intended to write "as I am quite > UNaccustomed to working with the data" > Cheers > > On Fri, Feb 21, 2020 at 3:27 PM Lexi Haley <lhaley(a)meditech.com> wrote: > >> FOUND THE ISSUE! So - in GDB , while paused in the "{mM}" processing >> tha= > t >> ber_scanf does (called from ldap_get_attribute_ber), I kept seeing the >> variable arguments list not properly setting off --- and sure enough, >> digging in memory, on the stack was 0x100000000 ... which was the cause >> = > of >> the eventual segfault. >> >> Well, backtracking to the ber_scanf call itself, I see a zero 0 which >> isn't cast to the ber_len_t type, and as such, will only occupy 4 bytes >> a= > s >> a sizeof int - instead of (( on my system 8, for sizeof (ber_len_t). So >> = > - >> the solution was just to cast the argument. So that the cookie.off =3D >> va_arg( ap, ber_len_t ); will unpack only bytes we've intentionally sent >> = > it >> -- not garbage left over. >> >> So - the change suggested is: >> >> >> diff --git a/libraries/libldap/getattr.c b/libraries/libldap/getattr.c >> index 31784d765..0300ea574 100644 >> --- a/libraries/libldap/getattr.c >> +++ b/libraries/libldap/getattr.c >> @@ -147,7 +147,7 @@ ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, >> BerElement *ber, >> >> /* skip sequence, snarf attribute type */ >> tag =3D ber_scanf( ber, vals ? "{mM}" : "{mx}", attr, >> val= > s, >> - &siz, 0 ); >> + &siz, (ber_len_t)0 ); >> if( tag =3D=3D LBER_ERROR ) { >> rc =3D ld->ld_errno =3D LDAP_DECODING_ERROR; >> } >> >> >> I hope you can take this haphazard issue submit, and do whatever is right >> with it - to get this patch considered. Thanks! >> >> >> >> On Fri, Feb 21, 2020 at 1:06 PM Lexi Haley <lhaley(a)meditech.com> wrote: >> >>> continuing notes - as I am quite accustomed to working with the data >>> structures and processes for LDAP - my hacky fudge was just that - and >>> a= > lso >>> useless. By bailing out at that point, ldapsearch doesn't list the >>> tag=3Dvalue results. I am continuing to dig around ... >>> >>> Lexi >>> >>> On Thu, Feb 20, 2020 at 3:09 PM <openldap-its(a)openldap.org> wrote: >>> >>>> >>>> *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** >>>> >>>> Thanks for your report to the OpenLDAP Issue Tracking System. Your >>>> report has been assigned the tracking number ITS#9175. >>>> >>>> One of our support engineers will look at your report in due course. >>>> Note that this may take some time because our support engineers >>>> are volunteers. They only work on OpenLDAP when they have spare >>>> time. >>>> >>>> If you need to provide additional information in regards to your >>>> issue report, you may do so by replying to this message. Note that >>>> any mail sent to openldap-its(a)openldap.org with (ITS#9175) >>>> in the subject will automatically be attached to the issue report. >>>> >>>> mailto:openldap-its@openldap.org?subject=3D(ITS#9175) >>>> >>>> You may follow the progress of this report by loading the following >>>> URL in a web browser: >>>> http://www.OpenLDAP.org/its/index.cgi?findid=3D9175 >>>> >>>> Please remember to retain your issue tracking number (ITS#9175) >>>> on any further messages you send to us regarding this report. If >>>> you don't then you'll just waste our time and yours because we >>>> won't be able to properly track the report. >>>> >>>> Please note that the Issue Tracking System is not intended to >>>> be used to seek help in the proper use of OpenLDAP Software. >>>> Such requests will be closed. >>>> >>>> OpenLDAP Software is user supported. >>>> http://www.OpenLDAP.org/support/ >>>> >>>> -------------- >>>> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. >>>> >>>> >>> >>> -- >>> >>> Lexi Haley (she/her/hers) >>> >>> Computer Scientist, System Tools, Advanced Technology Division >>> >>> Medical Information Technology, Inc. >>> >>> Office: 781-774-5156 | Mobile: 508-713-2499 >>> >>> lhaley(a)meditech.com >>> >>> MEDITECH Circle, Westwood, MA 02090 >>> >>> Main: 781-821-3000 | Fax: 781-821-2199 >>> >> >> >> -- >> >> Lexi Haley (she/her/hers) >> >> Computer Scientist, System Tools, Advanced Technology Division >> >> Medical Information Technology, Inc. >> >> Office: 781-774-5156 | Mobile: 508-713-2499 >> >> lhaley(a)meditech.com >> >> MEDITECH Circle, Westwood, MA 02090 >> >> Main: 781-821-3000 | Fax: 781-821-2199 >> > > > --=20 > > Lexi Haley (she/her/hers) > > Computer Scientist, System Tools, Advanced Technology Division > > Medical Information Technology, Inc. > > Office: 781-774-5156 | Mobile: 508-713-2499 > > lhaley(a)meditech.com > > MEDITECH Circle, Westwood, MA 02090 > > Main: 781-821-3000 | Fax: 781-821-2199 > > --=20 > <https://ehr.meditech.com/expanse>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= > =A0 =20 > <https://www.linkedin.com/company/meditech>=C2=A0 =20 > <https://twitter.com/MEDITECH>=C2=A0=C2=A0 > <https://www.facebook.com/Medite= chEHR> > > Subscribe=20 > <https://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D864 > 29= > 9ec-5abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326>=20 > to receive emails from MEDITECH or to change email preferences. > > > --0000000000003b4d37059f1c0189 > Content-Type: text/html; charset="UTF-8" > Content-Transfer-Encoding: quoted-printable > > <div dir=3D"ltr">footnote:=C2=A0 In my first followup, I intended to > write= =C2=A0 "<span style=3D"color:rgb(0,0,0)">as I am quite > UNaccustomed to= working with the > data"</span><div>Cheers</div></div><br><div class=3D= > "gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Fri, Feb 21, 2020 > at= 3:27 PM Lexi Haley <<a > href=3D"mailto:lhaley@meditech.com">lhaley@medit= ech.com</a>> > wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"= margin:0px > 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-lef= > t:1ex"><div dir=3D"ltr">FOUND THE ISSUE!=C2=A0 So - in GDB , while paused > i= n the "{mM}" processing that ber_scanf does (called > from=C2=A0lda= p_get_attribute_ber), I kept seeing the variable arguments > list not properl= y setting off --- and sure enough, digging in memory, > on the stack was 0x10= 0000000 ...=C2=A0 which was the cause of the > eventual segfault.<div><br></d= iv><div>Well, backtracking to the > ber_scanf call itself, I see a zero 0 whi= ch isn't cast to the > ber_len_t type, and as such, will only occupy 4 by= tes as a > sizeof=C2=A0int - instead of (( on my system 8, for sizeof (ber_le= > n_t).=C2=A0 So - the solution was just=C2=A0to cast the argument.=C2=A0 > So = that the=C2=A0cookie.off =3D va_arg( ap, ber_len_t ); will unpack > only byte= s we've intentionally sent it -- not garbage left > over.</div><div><br><= /div><div>So - the change suggested > is:</div><div><br></div><div><br></div>= <div><font > face=3D"monospace">diff --git a/libraries/libldap/getattr.c b/li= > braries/libldap/getattr.c<br>index 31784d765..0300ea574 100644<br>--- > a/lib= raries/libldap/getattr.c<br>+++ > b/libraries/libldap/getattr.c<br>@@ -147,7 = +147,7 @@ > ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement = > *ber,<br><br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /* > ski= p sequence, snarf attribute type */<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 > =C2=A0 = =C2=A0 =C2=A0 =C2=A0 tag =3D ber_scanf( ber, vals ? > "{mM}" : &quo= t;{mx}", attr, vals,<br>- =C2=A0 =C2=A0 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 > &siz, 0 );<br>+ =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 &siz, (ber_len= _t)0 );<br>=C2=A0 =C2=A0 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if( tag = =3D=3D LBER_ERROR ) > {<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 > =C2=A0 =C2=A0 =C2=A0 rc =3D ld->ld_errno =3D LDAP_DECODING= > _ERROR;<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 > }</font>= <br></div><div><br></div><div><br></div><div>I hope you can > take this hapha= zard issue submit, and do whatever is right with it - to > get this patch con= sidered.=C2=A0 > Thanks!</div><div><br></div><div><br></div></div><br><div cl= > ass=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Fri, Feb 21, > 2= 020 at 1:06 PM Lexi Haley <<a href=3D"mailto:lhaley@meditech.com" > target= =3D"_blank">lhaley(a)meditech.com</a>> > wrote:<br></div><blockquote class= =3D"gmail_quote" style=3D"margin:0px > 0px 0px 0.8ex;border-left:1px solid rg= > b(204,204,204);padding-left:1ex"><div dir=3D"ltr">continuing notes - as I > a= m quite accustomed to working with the data structures and processes > for LD= AP - my hacky fudge was just that - and also useless.=C2=A0 By > bailing out = at that point, ldapsearch doesn't list the tag=3Dvalue > results.=C2=A0 I= am continuing to dig around > ...<div><br></div><div>Lexi</div></div><br><di= v > class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, Feb 2= > 0, 2020 at 3:09 PM <<a href=3D"mailto:openldap-its@openldap.org" > target= =3D"_blank">openldap-its(a)openldap.org</a>> > wrote:<br></div><blockquote c= lass=3D"gmail_quote" style=3D"margin:0px > 0px 0px 0.8ex;border-left:1px soli= d > rgb(204,204,204);padding-left:1ex"><br> > *** THIS IS AN AUTOMATICALLY GENERATED REPLY ***<br> > <br> > Thanks for your report to the OpenLDAP Issue Tracking System.=C2=A0 > Your<br= >> > report has been assigned the tracking number ITS#9175.<br> > <br> > One of our support engineers will look at your report in due course.<br> > Note that this may take some time because our support engineers<br> > are volunteers.=C2=A0 They only work on OpenLDAP when they have spare<br> > time.<br> > <br> > If you need to provide additional information in regards to your<br> > issue report, you may do so by replying to this message.=C2=A0 Note > that<br= >> > any mail sent to <a href=3D"mailto:openldap-its@openldap.org" > target=3D"_bl= ank">openldap-its(a)openldap.org</a> with (ITS#9175)<br> > in the subject will automatically be attached to the issue report.<br> > <br> > =C2=A0 =C2=A0 =C2=A0 =C2=A0 mailto:<a > href=3D"mailto:openldap-its@openldap.= org" > target=3D"_blank">openldap-its(a)openldap.org</a>?subject=3D(ITS#9175)<b= r> > <br> > You may follow the progress of this report by loading the following<br> > URL in a web browser:<br> > =C2=A0 =C2=A0 <a > href=3D"http://www.OpenLDAP.org/its/index.cgi?findid=3D917= 5" > rel=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/its/index.c= > gi?findid=3D9175</a><br> > <br> > Please remember to retain your issue tracking number (ITS#9175)<br> > on any further messages you send to us regarding this report.=C2=A0 If<br> > you don't then you'll just waste our time and yours because we<br> > won't be able to properly track the report.<br> > <br> > Please note that the Issue Tracking System is not intended to<br> > be used to seek help in the proper use of OpenLDAP Software.<br> > Such requests will be closed.<br> > <br> > OpenLDAP Software is user supported.<br> > =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/support/" > re= l=3D"noreferrer" > target=3D"_blank">http://www.OpenLDAP.org/support/</a><br> <br> > --------------<br> > Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved.<br> > <br> > </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div > dir=3D"ltr"= >> <div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><p >> dir=3D"ltr= > " > style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom= > :0pt"><span > style=3D"font-size:13pt;font-family:Verdana;color:rgb(0,0,0);fo= > nt-weight:700;vertical-align:baseline;white-space:pre-wrap">Lexi Haley > </sp= an><span > style=3D"color:rgb(102,102,102);font-family:Verdana;font-size:13.3= > 333px;white-space:pre-wrap">(she/her/hers)</span></p><p dir=3D"ltr" style= > =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt" > ><= span > style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,102);ver= > tical-align:baseline;white-space:pre-wrap">Computer Scientist, System > Tools= , Advanced Technology Division</span></p><p dir=3D"ltr" > style=3D"color:rgb(= > 80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"= > font-size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align: > ba= seline;white-space:pre-wrap">Medical Information Technology, > Inc.</span></p= >> <p dir=3D"ltr" >> style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt= > ;margin-bottom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;color= > :rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Office: > 781= -774-5156 | Mobile: 508-713-2499</span></p><p > style=3D"color:rgb(80,0,80);l= > ine-height:1.38;margin-top:0pt;margin-bottom:0pt"><font > face=3D"Verdana"><s= pan > style=3D"font-size:13.3333px;white-space:pre-wrap"><a href=3D"mailto:lh= > aley(a)meditech.com" > target=3D"_blank">lhaley(a)meditech.com</a></span></font><= /p><p > dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0= > pt;margin-bottom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;col= > or:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">MEDITEC > H = Circle, Westwood, MA 02090</span></p><p dir=3D"ltr" > style=3D"color:rgb(80,0= > ,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"font= > -size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:base > li= ne;white-space:pre-wrap">Main: 781-821-3000 | Fax: > 781-821-2199</span></p><= /div></div></div></div></div></div> > </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div > dir=3D"ltr"= >> <div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><p >> dir=3D"ltr= > " > style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom= > :0pt"><span > style=3D"font-size:13pt;font-family:Verdana;color:rgb(0,0,0);fo= > nt-weight:700;vertical-align:baseline;white-space:pre-wrap">Lexi Haley > </sp= an><span > style=3D"color:rgb(102,102,102);font-family:Verdana;font-size:13.3= > 333px;white-space:pre-wrap">(she/her/hers)</span></p><p dir=3D"ltr" style= > =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt" > ><= span > style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,102);ver= > tical-align:baseline;white-space:pre-wrap">Computer Scientist, System > Tools= , Advanced Technology Division</span></p><p dir=3D"ltr" > style=3D"color:rgb(= > 80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"= > font-size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align: > ba= seline;white-space:pre-wrap">Medical Information Technology, > Inc.</span></p= >> <p dir=3D"ltr" >> style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt= > ;margin-bottom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;color= > :rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Office: > 781= -774-5156 | Mobile: 508-713-2499</span></p><p > style=3D"color:rgb(80,0,80);l= > ine-height:1.38;margin-top:0pt;margin-bottom:0pt"><font > face=3D"Verdana"><s= pan > style=3D"font-size:13.3333px;white-space:pre-wrap"><a href=3D"mailto:lh= > aley(a)meditech.com" > target=3D"_blank">lhaley(a)meditech.com</a></span></font><= /p><p > dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0= > pt;margin-bottom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;col= > or:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">MEDITEC > H = Circle, Westwood, MA 02090</span></p><p dir=3D"ltr" > style=3D"color:rgb(80,0= > ,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"font= > -size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:base > li= ne;white-space:pre-wrap">Main: 781-821-3000 | Fax: > 781-821-2199</span></p><= /div></div></div></div></div></div> > </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div > dir=3D"ltr"= class=3D"gmail_signature"><div dir=3D"ltr"><div><div > dir=3D"ltr"><div><div= dir=3D"ltr"><p dir=3D"ltr" > style=3D"color:rgb(80,0,80);line-height:1.38;ma= > rgin-top:0pt;margin-bottom:0pt"><span > style=3D"font-size:13pt;font-family:V= > erdana;color:rgb(0,0,0);font-weight:700;vertical-align:baseline;white-spa > ce= :pre-wrap">Lexi Haley </span><span > style=3D"color:rgb(102,102,102);font-fam= > ily:Verdana;font-size:13.3333px;white-space:pre-wrap">(she/her/hers)</spa > n>= </p><p dir=3D"ltr" > style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:= > 0pt;margin-bottom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;co= > lor:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Comput > er= Scientist, System Tools, Advanced Technology Division</span></p><p > dir=3D"= ltr" > style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bot= > tom:0pt"><span > style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,10= > 2,102);vertical-align:baseline;white-space:pre-wrap">Medical Information > Te= chnology, Inc.</span></p><p dir=3D"ltr" > style=3D"color:rgb(80,0,80);line-he= > ight:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"font-size:10pt;f= > ont-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-s > pa= ce:pre-wrap">Office: 781-774-5156 | Mobile: 508-713-2499</span></p><p > style= > =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt" > ><= font face=3D"Verdana"><span > style=3D"font-size:13.3333px;white-space:pre-wr= ap"><a > href=3D"mailto:lhaley@meditech.com" target=3D"_blank">lhaley@meditec= > h.com</a></span></font></p><p dir=3D"ltr" > style=3D"color:rgb(80,0,80);line-= > height:1.38;margin-top:0pt;margin-bottom:0pt"><span > style=3D"font-size:10pt= > ;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white > -s= pace:pre-wrap">MEDITECH Circle, Westwood, MA 02090</span></p><p > dir=3D"ltr"= > style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-botto > m:= 0pt"><span > style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,10= > 2);vertical-align:baseline;white-space:pre-wrap">Main: 781-821-3000 | > Fax: = 781-821-2199</span></p></div></div></div></div></div></div> > > <br> > <a href=3D"https://ehr.meditech.com/expanse" target=3D"_blank"><img > src=3D"= > https://home.meditech.com/en/d/home/images/meditechemailsignaturelogo2018 > ex= panse.jpg"></a><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a > href=3D"ht= tps://www.linkedin.com/company/meditech" > target=3D"_blank"><img src=3D"http= > s://home.meditech.com/en/d/home/images/emailsignaturelinkedin20pixels.gif > " = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0 > </span= >> <a href=3D"https://twitter.com/MEDITECH" target=3D"_blank"><img >> src=3D"htt= > ps://home.meditech.com/en/d/home/images/emailsignaturetwitter20pixels.gif > " = style=3D"font-size:1.3em"></a><span > style=3D"font-size:1.3em">=C2=A0=C2=A0<= /span><a > href=3D"https://www.facebook.com/MeditechEHR" target=3D"_blank"><i= mg > src=3D"https://home.meditech.com/en/d/home/images/emailsignaturefacebook= > 20pixels.gif" style=3D"font-size:1.3em"></a></div><div><div><a > href=3D"http= > s://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D864299ec > -5= abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326" > target= =3D"_blank"><span > style=3D"font-size:10pt;font-family:Verdana;color:rgb(17,= > 85,204);vertical-align:baseline;white-space:pre-wrap">Subscribe</span></a > ><= span > style=3D"font-size:10pt;font-family:Verdana;vertical-align:baseline;wh= > ite-space:pre-wrap"> </span><span > style=3D"font-size:10pt;font-family:Verda= > na;color:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">t > o = receive emails from MEDITECH or to change email > preferences.</span></div></= div> > --0000000000003b4d37059f1c0189-- > > > -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

Re: (ITS#9175) ldapsearch segfault
by lhaley＠meditech.com 21 Feb '20

21 Feb '20

--0000000000003b4d37059f1c0189 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable footnote: In my first followup, I intended to write "as I am quite UNaccustomed to working with the data" Cheers On Fri, Feb 21, 2020 at 3:27 PM Lexi Haley <lhaley(a)meditech.com> wrote: > FOUND THE ISSUE! So - in GDB , while paused in the "{mM}" processing tha= t > ber_scanf does (called from ldap_get_attribute_ber), I kept seeing the > variable arguments list not properly setting off --- and sure enough, > digging in memory, on the stack was 0x100000000 ... which was the cause = of > the eventual segfault. > > Well, backtracking to the ber_scanf call itself, I see a zero 0 which > isn't cast to the ber_len_t type, and as such, will only occupy 4 bytes a= s > a sizeof int - instead of (( on my system 8, for sizeof (ber_len_t). So = - > the solution was just to cast the argument. So that the cookie.off =3D > va_arg( ap, ber_len_t ); will unpack only bytes we've intentionally sent = it > -- not garbage left over. > > So - the change suggested is: > > > diff --git a/libraries/libldap/getattr.c b/libraries/libldap/getattr.c > index 31784d765..0300ea574 100644 > --- a/libraries/libldap/getattr.c > +++ b/libraries/libldap/getattr.c > @@ -147,7 +147,7 @@ ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, > BerElement *ber, > > /* skip sequence, snarf attribute type */ > tag =3D ber_scanf( ber, vals ? "{mM}" : "{mx}", attr, val= s, > - &siz, 0 ); > + &siz, (ber_len_t)0 ); > if( tag =3D=3D LBER_ERROR ) { > rc =3D ld->ld_errno =3D LDAP_DECODING_ERROR; > } > > > I hope you can take this haphazard issue submit, and do whatever is right > with it - to get this patch considered. Thanks! > > > > On Fri, Feb 21, 2020 at 1:06 PM Lexi Haley <lhaley(a)meditech.com> wrote: > >> continuing notes - as I am quite accustomed to working with the data >> structures and processes for LDAP - my hacky fudge was just that - and a= lso >> useless. By bailing out at that point, ldapsearch doesn't list the >> tag=3Dvalue results. I am continuing to dig around ... >> >> Lexi >> >> On Thu, Feb 20, 2020 at 3:09 PM <openldap-its(a)openldap.org> wrote: >> >>> >>> *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** >>> >>> Thanks for your report to the OpenLDAP Issue Tracking System. Your >>> report has been assigned the tracking number ITS#9175. >>> >>> One of our support engineers will look at your report in due course. >>> Note that this may take some time because our support engineers >>> are volunteers. They only work on OpenLDAP when they have spare >>> time. >>> >>> If you need to provide additional information in regards to your >>> issue report, you may do so by replying to this message. Note that >>> any mail sent to openldap-its(a)openldap.org with (ITS#9175) >>> in the subject will automatically be attached to the issue report. >>> >>> mailto:openldap-its@openldap.org?subject=3D(ITS#9175) >>> >>> You may follow the progress of this report by loading the following >>> URL in a web browser: >>> http://www.OpenLDAP.org/its/index.cgi?findid=3D9175 >>> >>> Please remember to retain your issue tracking number (ITS#9175) >>> on any further messages you send to us regarding this report. If >>> you don't then you'll just waste our time and yours because we >>> won't be able to properly track the report. >>> >>> Please note that the Issue Tracking System is not intended to >>> be used to seek help in the proper use of OpenLDAP Software. >>> Such requests will be closed. >>> >>> OpenLDAP Software is user supported. >>> http://www.OpenLDAP.org/support/ >>> >>> -------------- >>> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. >>> >>> >> >> -- >> >> Lexi Haley (she/her/hers) >> >> Computer Scientist, System Tools, Advanced Technology Division >> >> Medical Information Technology, Inc. >> >> Office: 781-774-5156 | Mobile: 508-713-2499 >> >> lhaley(a)meditech.com >> >> MEDITECH Circle, Westwood, MA 02090 >> >> Main: 781-821-3000 | Fax: 781-821-2199 >> > > > -- > > Lexi Haley (she/her/hers) > > Computer Scientist, System Tools, Advanced Technology Division > > Medical Information Technology, Inc. > > Office: 781-774-5156 | Mobile: 508-713-2499 > > lhaley(a)meditech.com > > MEDITECH Circle, Westwood, MA 02090 > > Main: 781-821-3000 | Fax: 781-821-2199 > --=20 Lexi Haley (she/her/hers) Computer Scientist, System Tools, Advanced Technology Division Medical Information Technology, Inc. Office: 781-774-5156 | Mobile: 508-713-2499 lhaley(a)meditech.com MEDITECH Circle, Westwood, MA 02090 Main: 781-821-3000 | Fax: 781-821-2199 --=20 <https://ehr.meditech.com/expanse>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =20 <https://www.linkedin.com/company/meditech>=C2=A0 =20 <https://twitter.com/MEDITECH>=C2=A0=C2=A0 <https://www.facebook.com/Medite= chEHR> Subscribe=20 <https://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D86429= 9ec-5abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326>=20 to receive emails from MEDITECH or to change email preferences. --0000000000003b4d37059f1c0189 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">footnote:=C2=A0 In my first followup, I intended to write= =C2=A0 "<span style=3D"color:rgb(0,0,0)">as I am quite UNaccustomed to= working with the data"</span><div>Cheers</div></div><br><div class=3D= "gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Fri, Feb 21, 2020 at= 3:27 PM Lexi Haley <<a href=3D"mailto:lhaley@meditech.com">lhaley@medit= ech.com</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"= margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-lef= t:1ex"><div dir=3D"ltr">FOUND THE ISSUE!=C2=A0 So - in GDB , while paused i= n the "{mM}" processing that ber_scanf does (called from=C2=A0lda= p_get_attribute_ber), I kept seeing the variable arguments list not properl= y setting off --- and sure enough, digging in memory, on the stack was 0x10= 0000000 ...=C2=A0 which was the cause of the eventual segfault.<div><br></d= iv><div>Well, backtracking to the ber_scanf call itself, I see a zero 0 whi= ch isn't cast to the ber_len_t type, and as such, will only occupy 4 by= tes as a sizeof=C2=A0int - instead of (( on my system 8, for sizeof (ber_le= n_t).=C2=A0 So - the solution was just=C2=A0to cast the argument.=C2=A0 So = that the=C2=A0cookie.off =3D va_arg( ap, ber_len_t ); will unpack only byte= s we've intentionally sent it -- not garbage left over.</div><div><br><= /div><div>So - the change suggested is:</div><div><br></div><div><br></div>= <div><font face=3D"monospace">diff --git a/libraries/libldap/getattr.c b/li= braries/libldap/getattr.c<br>index 31784d765..0300ea574 100644<br>--- a/lib= raries/libldap/getattr.c<br>+++ b/libraries/libldap/getattr.c<br>@@ -147,7 = +147,7 @@ ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement = *ber,<br><br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /* ski= p sequence, snarf attribute type */<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 tag =3D ber_scanf( ber, vals ? "{mM}" : &quo= t;{mx}", attr, vals,<br>- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 &siz, 0 );<br>+ =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 &siz, (ber_len= _t)0 );<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if( tag = =3D=3D LBER_ERROR ) {<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 rc =3D ld->ld_errno =3D LDAP_DECODING= _ERROR;<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }</font>= <br></div><div><br></div><div><br></div><div>I hope you can take this hapha= zard issue submit, and do whatever is right with it - to get this patch con= sidered.=C2=A0 Thanks!</div><div><br></div><div><br></div></div><br><div cl= ass=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Fri, Feb 21, 2= 020 at 1:06 PM Lexi Haley <<a href=3D"mailto:lhaley@meditech.com" target= =3D"_blank">lhaley(a)meditech.com</a>> wrote:<br></div><blockquote class= =3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rg= b(204,204,204);padding-left:1ex"><div dir=3D"ltr">continuing notes - as I a= m quite accustomed to working with the data structures and processes for LD= AP - my hacky fudge was just that - and also useless.=C2=A0 By bailing out = at that point, ldapsearch doesn't list the tag=3Dvalue results.=C2=A0 I= am continuing to dig around ...<div><br></div><div>Lexi</div></div><br><di= v class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, Feb 2= 0, 2020 at 3:09 PM <<a href=3D"mailto:openldap-its@openldap.org" target= =3D"_blank">openldap-its(a)openldap.org</a>> wrote:<br></div><blockquote c= lass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px soli= d rgb(204,204,204);padding-left:1ex"><br> *** THIS IS AN AUTOMATICALLY GENERATED REPLY ***<br> <br> Thanks for your report to the OpenLDAP Issue Tracking System.=C2=A0 Your<br= > report has been assigned the tracking number ITS#9175.<br> <br> One of our support engineers will look at your report in due course.<br> Note that this may take some time because our support engineers<br> are volunteers.=C2=A0 They only work on OpenLDAP when they have spare<br> time.<br> <br> If you need to provide additional information in regards to your<br> issue report, you may do so by replying to this message.=C2=A0 Note that<br= > any mail sent to <a href=3D"mailto:openldap-its@openldap.org" target=3D"_bl= ank">openldap-its(a)openldap.org</a> with (ITS#9175)<br> in the subject will automatically be attached to the issue report.<br> <br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 mailto:<a href=3D"mailto:openldap-its@openldap.= org" target=3D"_blank">openldap-its(a)openldap.org</a>?subject=3D(ITS#9175)<b= r> <br> You may follow the progress of this report by loading the following<br> URL in a web browser:<br> =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/its/index.cgi?findid=3D917= 5" rel=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/its/index.c= gi?findid=3D9175</a><br> <br> Please remember to retain your issue tracking number (ITS#9175)<br> on any further messages you send to us regarding this report.=C2=A0 If<br> you don't then you'll just waste our time and yours because we<br> won't be able to properly track the report.<br> <br> Please note that the Issue Tracking System is not intended to<br> be used to seek help in the proper use of OpenLDAP Software.<br> Such requests will be closed.<br> <br> OpenLDAP Software is user supported.<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/support/" re= l=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/support/</a><br> <br> --------------<br> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved.<br> <br> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= ><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><p dir=3D"ltr= " style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom= :0pt"><span style=3D"font-size:13pt;font-family:Verdana;color:rgb(0,0,0);fo= nt-weight:700;vertical-align:baseline;white-space:pre-wrap">Lexi Haley </sp= an><span style=3D"color:rgb(102,102,102);font-family:Verdana;font-size:13.3= 333px;white-space:pre-wrap">(she/her/hers)</span></p><p dir=3D"ltr" style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,102);ver= tical-align:baseline;white-space:pre-wrap">Computer Scientist, System Tools= , Advanced Technology Division</span></p><p dir=3D"ltr" style=3D"color:rgb(= 80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"= font-size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:ba= seline;white-space:pre-wrap">Medical Information Technology, Inc.</span></p= ><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt= ;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color= :rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Office: 781= -774-5156 | Mobile: 508-713-2499</span></p><p style=3D"color:rgb(80,0,80);l= ine-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face=3D"Verdana"><s= pan style=3D"font-size:13.3333px;white-space:pre-wrap"><a href=3D"mailto:lh= aley(a)meditech.com" target=3D"_blank">lhaley(a)meditech.com</a></span></font><= /p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0= pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;col= or:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">MEDITECH = Circle, Westwood, MA 02090</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0= ,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font= -size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseli= ne;white-space:pre-wrap">Main: 781-821-3000 | Fax: 781-821-2199</span></p><= /div></div></div></div></div></div> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= ><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><p dir=3D"ltr= " style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom= :0pt"><span style=3D"font-size:13pt;font-family:Verdana;color:rgb(0,0,0);fo= nt-weight:700;vertical-align:baseline;white-space:pre-wrap">Lexi Haley </sp= an><span style=3D"color:rgb(102,102,102);font-family:Verdana;font-size:13.3= 333px;white-space:pre-wrap">(she/her/hers)</span></p><p dir=3D"ltr" style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,102);ver= tical-align:baseline;white-space:pre-wrap">Computer Scientist, System Tools= , Advanced Technology Division</span></p><p dir=3D"ltr" style=3D"color:rgb(= 80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"= font-size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:ba= seline;white-space:pre-wrap">Medical Information Technology, Inc.</span></p= ><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt= ;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color= :rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Office: 781= -774-5156 | Mobile: 508-713-2499</span></p><p style=3D"color:rgb(80,0,80);l= ine-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face=3D"Verdana"><s= pan style=3D"font-size:13.3333px;white-space:pre-wrap"><a href=3D"mailto:lh= aley(a)meditech.com" target=3D"_blank">lhaley(a)meditech.com</a></span></font><= /p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0= pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;col= or:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">MEDITECH = Circle, Westwood, MA 02090</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0= ,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font= -size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseli= ne;white-space:pre-wrap">Main: 781-821-3000 | Fax: 781-821-2199</span></p><= /div></div></div></div></div></div> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= class=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div= dir=3D"ltr"><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;ma= rgin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:13pt;font-family:V= erdana;color:rgb(0,0,0);font-weight:700;vertical-align:baseline;white-space= :pre-wrap">Lexi Haley </span><span style=3D"color:rgb(102,102,102);font-fam= ily:Verdana;font-size:13.3333px;white-space:pre-wrap">(she/her/hers)</span>= </p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:= 0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;co= lor:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Computer= Scientist, System Tools, Advanced Technology Division</span></p><p dir=3D"= ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bot= tom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,10= 2,102);vertical-align:baseline;white-space:pre-wrap">Medical Information Te= chnology, Inc.</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-he= ight:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;f= ont-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-spa= ce:pre-wrap">Office: 781-774-5156 | Mobile: 508-713-2499</span></p><p style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= font face=3D"Verdana"><span style=3D"font-size:13.3333px;white-space:pre-wr= ap"><a href=3D"mailto:lhaley@meditech.com" target=3D"_blank">lhaley@meditec= h.com</a></span></font></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-= height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt= ;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-s= pace:pre-wrap">MEDITECH Circle, Westwood, MA 02090</span></p><p dir=3D"ltr"= style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:= 0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,10= 2);vertical-align:baseline;white-space:pre-wrap">Main: 781-821-3000 | Fax: = 781-821-2199</span></p></div></div></div></div></div></div> <br> <a href=3D"https://ehr.meditech.com/expanse" target=3D"_blank"><img src=3D"= https://home.meditech.com/en/d/home/images/meditechemailsignaturelogo2018ex= panse.jpg"></a><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"ht= tps://www.linkedin.com/company/meditech" target=3D"_blank"><img src=3D"http= s://home.meditech.com/en/d/home/images/emailsignaturelinkedin20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0 </span= ><a href=3D"https://twitter.com/MEDITECH" target=3D"_blank"><img src=3D"htt= ps://home.meditech.com/en/d/home/images/emailsignaturetwitter20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0=C2=A0<= /span><a href=3D"https://www.facebook.com/MeditechEHR" target=3D"_blank"><i= mg src=3D"https://home.meditech.com/en/d/home/images/emailsignaturefacebook= 20pixels.gif" style=3D"font-size:1.3em"></a></div><div><div><a href=3D"http= s://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D864299ec-5= abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326" target= =3D"_blank"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(17,= 85,204);vertical-align:baseline;white-space:pre-wrap">Subscribe</span></a><= span style=3D"font-size:10pt;font-family:Verdana;vertical-align:baseline;wh= ite-space:pre-wrap"> </span><span style=3D"font-size:10pt;font-family:Verda= na;color:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">to = receive emails from MEDITECH or to change email preferences.</span></div></= div> --0000000000003b4d37059f1c0189--

1 0

Re: (ITS#9175) ldapsearch segfault
by lhaley＠meditech.com 21 Feb '20

21 Feb '20

--00000000000062d6a8059f1bda34 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable FOUND THE ISSUE! So - in GDB , while paused in the "{mM}" processing that ber_scanf does (called from ldap_get_attribute_ber), I kept seeing the variable arguments list not properly setting off --- and sure enough, digging in memory, on the stack was 0x100000000 ... which was the cause of the eventual segfault. Well, backtracking to the ber_scanf call itself, I see a zero 0 which isn't cast to the ber_len_t type, and as such, will only occupy 4 bytes as a sizeof int - instead of (( on my system 8, for sizeof (ber_len_t). So - the solution was just to cast the argument. So that the cookie.off =3D va_arg( ap, ber_len_t ); will unpack only bytes we've intentionally sent it -- not garbage left over. So - the change suggested is: diff --git a/libraries/libldap/getattr.c b/libraries/libldap/getattr.c index 31784d765..0300ea574 100644 --- a/libraries/libldap/getattr.c +++ b/libraries/libldap/getattr.c @@ -147,7 +147,7 @@ ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement *ber, /* skip sequence, snarf attribute type */ tag =3D ber_scanf( ber, vals ? "{mM}" : "{mx}", attr, vals, - &siz, 0 ); + &siz, (ber_len_t)0 ); if( tag =3D=3D LBER_ERROR ) { rc =3D ld->ld_errno =3D LDAP_DECODING_ERROR; } I hope you can take this haphazard issue submit, and do whatever is right with it - to get this patch considered. Thanks! On Fri, Feb 21, 2020 at 1:06 PM Lexi Haley <lhaley(a)meditech.com> wrote: > continuing notes - as I am quite accustomed to working with the data > structures and processes for LDAP - my hacky fudge was just that - and al= so > useless. By bailing out at that point, ldapsearch doesn't list the > tag=3Dvalue results. I am continuing to dig around ... > > Lexi > > On Thu, Feb 20, 2020 at 3:09 PM <openldap-its(a)openldap.org> wrote: > >> >> *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** >> >> Thanks for your report to the OpenLDAP Issue Tracking System. Your >> report has been assigned the tracking number ITS#9175. >> >> One of our support engineers will look at your report in due course. >> Note that this may take some time because our support engineers >> are volunteers. They only work on OpenLDAP when they have spare >> time. >> >> If you need to provide additional information in regards to your >> issue report, you may do so by replying to this message. Note that >> any mail sent to openldap-its(a)openldap.org with (ITS#9175) >> in the subject will automatically be attached to the issue report. >> >> mailto:openldap-its@openldap.org?subject=3D(ITS#9175) >> >> You may follow the progress of this report by loading the following >> URL in a web browser: >> http://www.OpenLDAP.org/its/index.cgi?findid=3D9175 >> >> Please remember to retain your issue tracking number (ITS#9175) >> on any further messages you send to us regarding this report. If >> you don't then you'll just waste our time and yours because we >> won't be able to properly track the report. >> >> Please note that the Issue Tracking System is not intended to >> be used to seek help in the proper use of OpenLDAP Software. >> Such requests will be closed. >> >> OpenLDAP Software is user supported. >> http://www.OpenLDAP.org/support/ >> >> -------------- >> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. >> >> > > -- > > Lexi Haley (she/her/hers) > > Computer Scientist, System Tools, Advanced Technology Division > > Medical Information Technology, Inc. > > Office: 781-774-5156 | Mobile: 508-713-2499 > > lhaley(a)meditech.com > > MEDITECH Circle, Westwood, MA 02090 > > Main: 781-821-3000 | Fax: 781-821-2199 > --=20 Lexi Haley (she/her/hers) Computer Scientist, System Tools, Advanced Technology Division Medical Information Technology, Inc. Office: 781-774-5156 | Mobile: 508-713-2499 lhaley(a)meditech.com MEDITECH Circle, Westwood, MA 02090 Main: 781-821-3000 | Fax: 781-821-2199 --=20 <https://ehr.meditech.com/expanse>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =20 <https://www.linkedin.com/company/meditech>=C2=A0 =20 <https://twitter.com/MEDITECH>=C2=A0=C2=A0 <https://www.facebook.com/Medite= chEHR> Subscribe=20 <https://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D86429= 9ec-5abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326>=20 to receive emails from MEDITECH or to change email preferences. --00000000000062d6a8059f1bda34 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">FOUND THE ISSUE!=C2=A0 So - in GDB , while paused in the &= quot;{mM}" processing that ber_scanf does (called from=C2=A0ldap_get_a= ttribute_ber), I kept seeing the variable arguments list not properly setti= ng off --- and sure enough, digging in memory, on the stack was 0x100000000= ...=C2=A0 which was the cause of the eventual segfault.<div><br></div><div= >Well, backtracking to the ber_scanf call itself, I see a zero 0 which isn&= #39;t cast to the ber_len_t type, and as such, will only occupy 4 bytes as = a sizeof=C2=A0int - instead of (( on my system 8, for sizeof (ber_len_t).= =C2=A0 So - the solution was just=C2=A0to cast the argument.=C2=A0 So that = the=C2=A0cookie.off =3D va_arg( ap, ber_len_t ); will unpack only bytes we&= #39;ve intentionally sent it -- not garbage left over.</div><div><br></div>= <div>So - the change suggested is:</div><div><br></div><div><br></div><div>= <font face=3D"monospace">diff --git a/libraries/libldap/getattr.c b/librari= es/libldap/getattr.c<br>index 31784d765..0300ea574 100644<br>--- a/librarie= s/libldap/getattr.c<br>+++ b/libraries/libldap/getattr.c<br>@@ -147,7 +147,= 7 @@ ldap_get_attribute_ber( LDAP *ld, LDAPMessage *entry, BerElement *ber,= <br><br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /* skip seq= uence, snarf attribute type */<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 tag =3D ber_scanf( ber, vals ? "{mM}" : "{mx}= ", attr, vals,<br>- =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 &siz, 0 );<br>+ =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 &siz, (ber_len_t)0 );= <br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if( tag =3D=3D = LBER_ERROR ) {<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 rc =3D ld->ld_errno =3D LDAP_DECODING_ERROR;= <br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 }</font><br></d= iv><div><br></div><div><br></div><div>I hope you can take this haphazard is= sue submit, and do whatever is right with it - to get this patch considered= .=C2=A0 Thanks!</div><div><br></div><div><br></div></div><br><div class=3D"= gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Fri, Feb 21, 2020 at = 1:06 PM Lexi Haley <<a href=3D"mailto:lhaley@meditech.com">lhaley@medite= ch.com</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"m= argin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left= :1ex"><div dir=3D"ltr">continuing notes - as I am quite accustomed to worki= ng with the data structures and processes for LDAP - my hacky fudge was jus= t that - and also useless.=C2=A0 By bailing out at that point, ldapsearch d= oesn't list the tag=3Dvalue results.=C2=A0 I am continuing to dig aroun= d ...<div><br></div><div>Lexi</div></div><br><div class=3D"gmail_quote"><di= v dir=3D"ltr" class=3D"gmail_attr">On Thu, Feb 20, 2020 at 3:09 PM <<a h= ref=3D"mailto:openldap-its@openldap.org" target=3D"_blank">openldap-its@ope= nldap.org</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style= =3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding= -left:1ex"><br> *** THIS IS AN AUTOMATICALLY GENERATED REPLY ***<br> <br> Thanks for your report to the OpenLDAP Issue Tracking System.=C2=A0 Your<br= > report has been assigned the tracking number ITS#9175.<br> <br> One of our support engineers will look at your report in due course.<br> Note that this may take some time because our support engineers<br> are volunteers.=C2=A0 They only work on OpenLDAP when they have spare<br> time.<br> <br> If you need to provide additional information in regards to your<br> issue report, you may do so by replying to this message.=C2=A0 Note that<br= > any mail sent to <a href=3D"mailto:openldap-its@openldap.org" target=3D"_bl= ank">openldap-its(a)openldap.org</a> with (ITS#9175)<br> in the subject will automatically be attached to the issue report.<br> <br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 mailto:<a href=3D"mailto:openldap-its@openldap.= org" target=3D"_blank">openldap-its(a)openldap.org</a>?subject=3D(ITS#9175)<b= r> <br> You may follow the progress of this report by loading the following<br> URL in a web browser:<br> =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/its/index.cgi?findid=3D917= 5" rel=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/its/index.c= gi?findid=3D9175</a><br> <br> Please remember to retain your issue tracking number (ITS#9175)<br> on any further messages you send to us regarding this report.=C2=A0 If<br> you don't then you'll just waste our time and yours because we<br> won't be able to properly track the report.<br> <br> Please note that the Issue Tracking System is not intended to<br> be used to seek help in the proper use of OpenLDAP Software.<br> Such requests will be closed.<br> <br> OpenLDAP Software is user supported.<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/support/" re= l=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/support/</a><br> <br> --------------<br> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved.<br> <br> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= ><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><p dir=3D"ltr= " style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom= :0pt"><span style=3D"font-size:13pt;font-family:Verdana;color:rgb(0,0,0);fo= nt-weight:700;vertical-align:baseline;white-space:pre-wrap">Lexi Haley </sp= an><span style=3D"color:rgb(102,102,102);font-family:Verdana;font-size:13.3= 333px;white-space:pre-wrap">(she/her/hers)</span></p><p dir=3D"ltr" style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,102);ver= tical-align:baseline;white-space:pre-wrap">Computer Scientist, System Tools= , Advanced Technology Division</span></p><p dir=3D"ltr" style=3D"color:rgb(= 80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"= font-size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:ba= seline;white-space:pre-wrap">Medical Information Technology, Inc.</span></p= ><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt= ;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color= :rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Office: 781= -774-5156 | Mobile: 508-713-2499</span></p><p style=3D"color:rgb(80,0,80);l= ine-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face=3D"Verdana"><s= pan style=3D"font-size:13.3333px;white-space:pre-wrap"><a href=3D"mailto:lh= aley(a)meditech.com" target=3D"_blank">lhaley(a)meditech.com</a></span></font><= /p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0= pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;col= or:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">MEDITECH = Circle, Westwood, MA 02090</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0= ,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font= -size:10pt;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseli= ne;white-space:pre-wrap">Main: 781-821-3000 | Fax: 781-821-2199</span></p><= /div></div></div></div></div></div> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= class=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div= dir=3D"ltr"><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;ma= rgin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:13pt;font-family:V= erdana;color:rgb(0,0,0);font-weight:700;vertical-align:baseline;white-space= :pre-wrap">Lexi Haley </span><span style=3D"color:rgb(102,102,102);font-fam= ily:Verdana;font-size:13.3333px;white-space:pre-wrap">(she/her/hers)</span>= </p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:= 0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;co= lor:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Computer= Scientist, System Tools, Advanced Technology Division</span></p><p dir=3D"= ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bot= tom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,10= 2,102);vertical-align:baseline;white-space:pre-wrap">Medical Information Te= chnology, Inc.</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-he= ight:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;f= ont-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-spa= ce:pre-wrap">Office: 781-774-5156 | Mobile: 508-713-2499</span></p><p style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= font face=3D"Verdana"><span style=3D"font-size:13.3333px;white-space:pre-wr= ap"><a href=3D"mailto:lhaley@meditech.com" target=3D"_blank">lhaley@meditec= h.com</a></span></font></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-= height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt= ;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-s= pace:pre-wrap">MEDITECH Circle, Westwood, MA 02090</span></p><p dir=3D"ltr"= style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:= 0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,10= 2);vertical-align:baseline;white-space:pre-wrap">Main: 781-821-3000 | Fax: = 781-821-2199</span></p></div></div></div></div></div></div> <br> <a href=3D"https://ehr.meditech.com/expanse" target=3D"_blank"><img src=3D"= https://home.meditech.com/en/d/home/images/meditechemailsignaturelogo2018ex= panse.jpg"></a><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"ht= tps://www.linkedin.com/company/meditech" target=3D"_blank"><img src=3D"http= s://home.meditech.com/en/d/home/images/emailsignaturelinkedin20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0 </span= ><a href=3D"https://twitter.com/MEDITECH" target=3D"_blank"><img src=3D"htt= ps://home.meditech.com/en/d/home/images/emailsignaturetwitter20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0=C2=A0<= /span><a href=3D"https://www.facebook.com/MeditechEHR" target=3D"_blank"><i= mg src=3D"https://home.meditech.com/en/d/home/images/emailsignaturefacebook= 20pixels.gif" style=3D"font-size:1.3em"></a></div><div><div><a href=3D"http= s://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D864299ec-5= abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326" target= =3D"_blank"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(17,= 85,204);vertical-align:baseline;white-space:pre-wrap">Subscribe</span></a><= span style=3D"font-size:10pt;font-family:Verdana;vertical-align:baseline;wh= ite-space:pre-wrap"> </span><span style=3D"font-size:10pt;font-family:Verda= na;color:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">to = receive emails from MEDITECH or to change email preferences.</span></div></= div> --00000000000062d6a8059f1bda34--

1 0

Re: (ITS#9175) ldapsearch segfault
by lhaley＠meditech.com 21 Feb '20

21 Feb '20

--000000000000ecfe33059f19e40d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable continuing notes - as I am quite accustomed to working with the data structures and processes for LDAP - my hacky fudge was just that - and also useless. By bailing out at that point, ldapsearch doesn't list the tag=3Dvalue results. I am continuing to dig around ... Lexi On Thu, Feb 20, 2020 at 3:09 PM <openldap-its(a)openldap.org> wrote: > > *** THIS IS AN AUTOMATICALLY GENERATED REPLY *** > > Thanks for your report to the OpenLDAP Issue Tracking System. Your > report has been assigned the tracking number ITS#9175. > > One of our support engineers will look at your report in due course. > Note that this may take some time because our support engineers > are volunteers. They only work on OpenLDAP when they have spare > time. > > If you need to provide additional information in regards to your > issue report, you may do so by replying to this message. Note that > any mail sent to openldap-its(a)openldap.org with (ITS#9175) > in the subject will automatically be attached to the issue report. > > mailto:openldap-its@openldap.org?subject=3D(ITS#9175) > > You may follow the progress of this report by loading the following > URL in a web browser: > http://www.OpenLDAP.org/its/index.cgi?findid=3D9175 > > Please remember to retain your issue tracking number (ITS#9175) > on any further messages you send to us regarding this report. If > you don't then you'll just waste our time and yours because we > won't be able to properly track the report. > > Please note that the Issue Tracking System is not intended to > be used to seek help in the proper use of OpenLDAP Software. > Such requests will be closed. > > OpenLDAP Software is user supported. > http://www.OpenLDAP.org/support/ > > -------------- > Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved. > > --=20 Lexi Haley (she/her/hers) Computer Scientist, System Tools, Advanced Technology Division Medical Information Technology, Inc. Office: 781-774-5156 | Mobile: 508-713-2499 lhaley(a)meditech.com MEDITECH Circle, Westwood, MA 02090 Main: 781-821-3000 | Fax: 781-821-2199 --=20 <https://ehr.meditech.com/expanse>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =20 <https://www.linkedin.com/company/meditech>=C2=A0 =20 <https://twitter.com/MEDITECH>=C2=A0=C2=A0 <https://www.facebook.com/Medite= chEHR> Subscribe=20 <https://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D86429= 9ec-5abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326>=20 to receive emails from MEDITECH or to change email preferences. --000000000000ecfe33059f19e40d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">continuing notes - as I am quite accustomed to working wit= h the data structures and processes for LDAP - my hacky fudge was just that= - and also useless.=C2=A0 By bailing out at that point, ldapsearch doesn&#= 39;t list the tag=3Dvalue results.=C2=A0 I am continuing to dig around ...<= div><br></div><div>Lexi</div></div><br><div class=3D"gmail_quote"><div dir= =3D"ltr" class=3D"gmail_attr">On Thu, Feb 20, 2020 at 3:09 PM <<a href= =3D"mailto:openldap-its@openldap.org">openldap-its(a)openldap.org</a>> wro= te:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px = 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br> *** THIS IS AN AUTOMATICALLY GENERATED REPLY ***<br> <br> Thanks for your report to the OpenLDAP Issue Tracking System.=C2=A0 Your<br= > report has been assigned the tracking number ITS#9175.<br> <br> One of our support engineers will look at your report in due course.<br> Note that this may take some time because our support engineers<br> are volunteers.=C2=A0 They only work on OpenLDAP when they have spare<br> time.<br> <br> If you need to provide additional information in regards to your<br> issue report, you may do so by replying to this message.=C2=A0 Note that<br= > any mail sent to <a href=3D"mailto:openldap-its@openldap.org" target=3D"_bl= ank">openldap-its(a)openldap.org</a> with (ITS#9175)<br> in the subject will automatically be attached to the issue report.<br> <br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 mailto:<a href=3D"mailto:openldap-its@openldap.= org" target=3D"_blank">openldap-its(a)openldap.org</a>?subject=3D(ITS#9175)<b= r> <br> You may follow the progress of this report by loading the following<br> URL in a web browser:<br> =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/its/index.cgi?findid=3D917= 5" rel=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/its/index.c= gi?findid=3D9175</a><br> <br> Please remember to retain your issue tracking number (ITS#9175)<br> on any further messages you send to us regarding this report.=C2=A0 If<br> you don't then you'll just waste our time and yours because we<br> won't be able to properly track the report.<br> <br> Please note that the Issue Tracking System is not intended to<br> be used to seek help in the proper use of OpenLDAP Software.<br> Such requests will be closed.<br> <br> OpenLDAP Software is user supported.<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"http://www.OpenLDAP.org/support/" re= l=3D"noreferrer" target=3D"_blank">http://www.OpenLDAP.org/support/</a><br> <br> --------------<br> Copyright 1998-2007 The OpenLDAP Foundation, All Rights Reserved.<br> <br> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= class=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div= dir=3D"ltr"><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;ma= rgin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:13pt;font-family:V= erdana;color:rgb(0,0,0);font-weight:700;vertical-align:baseline;white-space= :pre-wrap">Lexi Haley </span><span style=3D"color:rgb(102,102,102);font-fam= ily:Verdana;font-size:13.3333px;white-space:pre-wrap">(she/her/hers)</span>= </p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:= 0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;co= lor:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">Computer= Scientist, System Tools, Advanced Technology Division</span></p><p dir=3D"= ltr" style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bot= tom:0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,10= 2,102);vertical-align:baseline;white-space:pre-wrap">Medical Information Te= chnology, Inc.</span></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-he= ight:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt;f= ont-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-spa= ce:pre-wrap">Office: 781-774-5156 | Mobile: 508-713-2499</span></p><p style= =3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:0pt"><= font face=3D"Verdana"><span style=3D"font-size:13.3333px;white-space:pre-wr= ap"><a href=3D"mailto:lhaley@meditech.com" target=3D"_blank">lhaley@meditec= h.com</a></span></font></p><p dir=3D"ltr" style=3D"color:rgb(80,0,80);line-= height:1.38;margin-top:0pt;margin-bottom:0pt"><span style=3D"font-size:10pt= ;font-family:Verdana;color:rgb(102,102,102);vertical-align:baseline;white-s= pace:pre-wrap">MEDITECH Circle, Westwood, MA 02090</span></p><p dir=3D"ltr"= style=3D"color:rgb(80,0,80);line-height:1.38;margin-top:0pt;margin-bottom:= 0pt"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(102,102,10= 2);vertical-align:baseline;white-space:pre-wrap">Main: 781-821-3000 | Fax: = 781-821-2199</span></p></div></div></div></div></div></div> <br> <a href=3D"https://ehr.meditech.com/expanse" target=3D"_blank"><img src=3D"= https://home.meditech.com/en/d/home/images/meditechemailsignaturelogo2018ex= panse.jpg"></a><div>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"ht= tps://www.linkedin.com/company/meditech" target=3D"_blank"><img src=3D"http= s://home.meditech.com/en/d/home/images/emailsignaturelinkedin20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0 </span= ><a href=3D"https://twitter.com/MEDITECH" target=3D"_blank"><img src=3D"htt= ps://home.meditech.com/en/d/home/images/emailsignaturetwitter20pixels.gif" = style=3D"font-size:1.3em"></a><span style=3D"font-size:1.3em">=C2=A0=C2=A0<= /span><a href=3D"https://www.facebook.com/MeditechEHR" target=3D"_blank"><i= mg src=3D"https://home.meditech.com/en/d/home/images/emailsignaturefacebook= 20pixels.gif" style=3D"font-size:1.3em"></a></div><div><div><a href=3D"http= s://info.meditech.com/get-great-meditech-content?hsCtaTracking=3D864299ec-5= abf-4004-9c6d-2d051794101f%7Cc911be42-538a-4a48-8dca-a6d4001c6326" target= =3D"_blank"><span style=3D"font-size:10pt;font-family:Verdana;color:rgb(17,= 85,204);vertical-align:baseline;white-space:pre-wrap">Subscribe</span></a><= span style=3D"font-size:10pt;font-family:Verdana;vertical-align:baseline;wh= ite-space:pre-wrap"> </span><span style=3D"font-size:10pt;font-family:Verda= na;color:rgb(102,102,102);vertical-align:baseline;white-space:pre-wrap">to = receive emails from MEDITECH or to change email preferences.</span></div></= div> --000000000000ecfe33059f19e40d--

1 0

Re: (ITS#9171) slapd with ppolicy and pwdAccountLockedTime crashes
by ondra＠mistotebe.net 21 Feb '20

21 Feb '20

On Mon, Feb 17, 2020 at 02:17:32PM +0000, tokos(a)ipp.cas.cz wrote: > Hi Ondrej, > > I uploaded my configuration here(ftp.openldap.org/incoming) : Hi Stanislav, thanks for the information, I have been able to reproduce the issue and pushed a fix to master (commit 140b676bc1bd786f9fd1e7b047981e84b57cb354). Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP

1 0

RE: Re: (ITS#9017) Improving performance of commit sync in Windows
by kriszyp＠gmail.com 20 Feb '20

20 Feb '20

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc= hemas-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/of= fice/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta ht= tp-equiv=3DContent-Type content=3D"text/html; charset=3Dutf-8"><meta name= =3DGenerator content=3D"Microsoft Word 15 (filtered medium)"><style></style></head><body lang=3DEN-CA link=3Dblue vlink=3D"#954F72"><div cla= ss=3DWordSection1><p class=3DMsoNormal>Sorry, I should have added a little = more detail. Specifically, I was seeing the `pos` variable in `mdb_page_flu= sh` going over 2^31, and this being manifested in failed shift right here (= resulting in 2^32 -1):<o:p></o:p></p><p class=3DMsoNormal><a href=3D"https:= //github.com/LMDB/lmdb/blob/mdb.master/libraries/liblmdb/mdb.c#L3711">https= ://github.com/LMDB/lmdb/blob/mdb.master/libraries/liblmdb/mdb.c#L3711</a> <= /p><p class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>Thanks,<b= r>Kris</p><p class=3DMsoNormal><o:p> </o:p></p><div style=3D'mso-eleme= nt:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt= 0cm 0cm 0cm'><p class=3DMsoNormal style=3D'border:none;padding:0cm'><b>Fro= m: </b><a href=3D"mailto:hyc@symas.com">Howard Chu</a><br><b>Sent: </b>Febr= uary 20, 2020 9:08 PM<br><b>To: </b><a href=3D"mailto:kriszyp@gmail.com">kr= iszyp(a)gmail.com</a><br><b>Cc: </b><a href=3D"mailto:openldap-its@openldap.o= rg">openldap-its(a)OpenLDAP.org</a><br><b>Subject: </b>Re: (ITS#9017) Improvi= ng performance of commit sync in Windows</p></div><p class=3DMsoNormal><o:p= > </o:p></p><p class=3DMsoNormal>Howard Chu wrote:</p><p class=3DMsoNo= rmal>> There should be an off64_t type instead.</p><p class=3DMsoNormal>= <o:p> </o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p class=3DM= soNormal>> But it looks to me like only the env->me_size field could = ever overflow,</p><p class=3DMsoNormal>> and using size_t for that shoul= d be fine. The other uses are for the meta page, which is always either off= set 0 or</p><p class=3DMsoNormal>> offset 4096 (with 4KB pagesize), and = the lockfile, which is always smaller than 2GB.</p><p class=3DMsoNormal><o:= p> </o:p></p><p class=3DMsoNormal>Ignore that, I was looking at the 0.= 9 branch when I wrote that.</p><p class=3DMsoNormal><o:p> </o:p></p><p= class=3DMsoNormal>-- </p><p class=3DMsoNormal>=C2=A0=C2=A0-- Howard Chu</p= ><p class=3DMsoNormal>=C2=A0 CTO, Symas Corp.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 http://www.symas.com</p><p class=3DMsoNormal= >=C2=A0 Director, Highland Sun=C2=A0=C2=A0=C2=A0=C2=A0 http://highlandsun.c= om/hyc/</p><p class=3DMsoNormal>=C2=A0 Chief Architect, OpenLDAP=C2=A0 http= ://www.openldap.org/project/</p><p class=3DMsoNormal><o:p> </o:p></p><= /div></body></html>=

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs February 2020