https://bugs.openldap.org/show_bug.cgi?id=8988
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9291
Issue ID: 9291
Summary: Detection of corrupted database files
Product: LMDB
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: markus(a)objectbox.io
Target Milestone: ---
Let's assume we have to deal with a corrupted database for whatever reason
(e.g. broken hardware or file system). Current behavior seems to be mostly
undefined, which is understandable as it's not known what is broken (e.g. there
are no checksums).
For example, I'm seeing a SIGBUS in mdb_page_touch because the cursor's top
page (mp) is pointing to invalid memory (0x7f99cf004000) during a commit:
mdb_page_touch mdb.c:2772
mdb_page_search mdb.c:6595
mdb_freelist_save mdb.c:3575
mdb_txn_commit mdb.c:4060
Cursor data at that point: mc_snum = 1, mc_top = 0; myki[0] = 0
A SIGBUS is troublesome as it crashes the process, and I wonder if there are
other ways to detect such inconsistencies. If that be possible there could be
user-specific handling in place. E.g. a user might start a new database file.
This issue was reported by our users, which also provided DB files:
https://github.com/objectbox/objectbox-java/issues/859
I did not find a lot of consistency checks besides MDB_PAGE_NOTFOUND and
MDB_CORRUPTED. Also, I think there's no current way to thoroughly check a DB
file (e.g. like fsck for the DB file)?
My first idea other than checksums was to walk through the branch pages from
the root and check if the referenced pages are within reasonable bounds. Also
check the page content (e.g. nodes, flags). Additionally (optionally?), it
should be possible to check that the key values are actually sorted.
So, it boils down to 3 points in summary:
1.) If there no way to check the DB file for consistency yet(?), which approach
do you think would make sense? There might be two modes; one for a through
check through all data, and a quick check that does not take long and could be
e.g. done when opening the DB. Goal is to avoid process crashes and let users
handle the situation.
2.) In general, is it possible to add more consistency checks in regular DB
operations?
3.) Could the the particular situation (for which I provided the stack trace)
detected (e.g. is myki[0] = 0 legal here?)
I'd be happy to provide a patch if you provide some direction where you want to
take that.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10524
Issue ID: 10524
Summary: slaptest attempts to open a new database, instead of
creating it
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: nivanova(a)symas.com
Target Milestone: ---
The issue appears when one decides to convert a slapd.conf file to cn=config,
if slapd has never been started with said slapd.conf, and the slapd.conf
contains a database definition.
For the purpose of testing another issue, I wrote a brand new slapd.conf and
attempted to convert it into a brand new configuration directory, before
starting up slapd.
Example slapd.conf:
database config
rootdn cn=config
rootpw secret
database mdb
directory ./mdb_test
suffix dc=ldap,dc=example,dc=com
rootdn cn=admin,dc=ldap,dc=example,dc=com
rootpw secret
I create the mdb_test directory and the configuration directory (crash.d) and
run:
slapd -T test -f slap_mdb.conf -F crash.d
which fails:
mdb_db_open: database "dc=ldap,dc=example,dc=com" cannot be opened: No such
file or directory (2). Administrator intervention needed!
backend_startup_one (type=mdb, suffix="dc=ldap,dc=example,dc=com"): bi_db_open
failed! (2)
If I start slapd with the .conf file it starts up sucessfully and createds the
database. After that a slaptest run succeeds, because the database already
exists.
This is probably a rare use case, but I think we need to decide if this is
desired behavior and fix it if not.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10423
Issue ID: 10423
Summary: It is possible via cn=config to add an entry of one
database type with the object class of another,
causing OpenLDAP to crash
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: nivanova(a)symas.com
Target Milestone: ---
This happens specifically because the user by mistake attempts to create a meta
database by specifying the object class for back-ldap. Since these share a lot
of common attributes, schema checks do not fail. As a result, slapd initializes
a meta database (based on olcDatabase value), but attempts to manipulate an
initialized back-ldap database after that, and segfaults.
Like this:
dn: olcDatabase=meta,cn=config
objectClass: olcDatabaseConfig
objectClass: olcLDAPConfig
olcDatabase: meta
olcDbURI: "ldap://example.com"
While it seems this is only possible for the proxy databases, we cannot rely
that schema checks on attributes will fail for other database combinations, who
knows what common attributes can be added or supplied in the future, we we have
to fix this.
The issue is reproducible via slapadd and at runtime with ldapadd.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10525
Issue ID: 10525
Summary: back-ldap accepts multiple tls_cert values in
olcDbACLBind
Product: OpenLDAP
Version: 2.6.13
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
In examining my slapd configuration, I found it had:
olcDBACLBind: bindmethod=sasl sasl_mech=external
tls_cert=/path/to/home/directory/cert tls_cert=/path/to/real/cert <rest of tls
configuration>
Fortunately it took the second value, so the connections worked, but I would
expect this to generate an error
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10522
Issue ID: 10522
Summary: Heap-buffer-overflow in mdb_cursor_last
Product: LMDB
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: renault.cle(a)gmail.com
Target Milestone: ---
Created attachment 1155
--> https://bugs.openldap.org/attachment.cgi?id=1155&action=edit
Reproducer for a heap-buffer-overflow
Hello,
I was fuzzing a bit LMDB on my personnal time and found memory issue. I
attached the reproducer. It is only reproducible when compiled with ASan/UBSan
(-fsanitize=address,undefined) on macOS and you can get a segfault on Linux
(6.1.0-44-amd64, Debian 6.1.164-1).
The issue appears in the mdb_cursor_last function line 8257 on commit
7bcb4d05da7cf1546133baf51178e5e1b53cdd53 from branch mdb.RE/1.0.
Thank you for your help,
Have a nice day
PS: I cannot specify the right version in the version list.
PS2: I get a 401 Authorization Required when I try to connect through GitHub
from Arc Browser.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10527
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10527
Howard Chu <hyc(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Group|OpenLDAP-devs |
Keywords|needs_review |
--- Comment #2 from Howard Chu <hyc(a)openldap.org> ---
It's ludicrous to report bugs in unreleased code as "vulnerabilities".
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10509
Issue ID: 10509
Summary: 2.7: Feature notes for announcement file
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: documentation
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Add feature notes for the 2.7 announcement file
--
You are receiving this mail because:
You are on the CC list for the issue.