Re: (ITS#8327) The mod->sm_numvals values is checked and not seen as valid in mods.c

I would like to mention that I just faced this problem in OpenLDAP 2.4.43 w= ith the ppolicy overlay.

The bug only occurs if a default ppolicy is defined in overlay configuratio= n, but no corresponding entry in LDAP server is found. There is no bug if t= he configuration entry is found, so this is not a big deal.

<=3D ldap_dn2bv(uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom)=3D0 56682739 <<< dnPrettyNormal: <uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom=

, <uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom>

56682739 conn=3D1000 op=3D0 BIND dn=3D"uid=3Dcoudot,ou=3Dusers,dc=3Dexample= ,dc=3Dcom" method=3D128 56682739 do_bind: version=3D3 dn=3D"uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" method=3D128 56682739 =3D> mdb_entry_get: ndn: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> mdb_entry_get: found entry: "uid=3Dcoudot,ou=3Dusers,dc=3Dexa= mple,dc=3Dcom" 56682739 mdb_entry_get: rc=3D0 56682739 =3D> mdb_entry_get: ndn: "ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3D= com" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: get failed: MDB_NOTFOUND: No matching key/data pai= r found (-30798) 56682739 =3D> mdb_entry_get: cannot find entry: "ou=3Dbug,ou=3Dppolicy,dc= =3Dexample,dc=3Dcom" 56682739 mdb_entry_get: rc=3D32 56682739 ppolicy_get: using default policy 56682739 =3D=3D> mdb_bind: dn: uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dco= m 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> access_allowed: result not in cache (userPassword) 56682739 =3D> access_allowed: auth access to "uid=3Dcoudot,ou=3Dusers,dc=3D= example,dc=3Dcom" "userPassword" requested 56682739 =3D> dn: [1] ou=3Dusers,dc=3Dexample,dc=3Dcom 56682739 =3D> acl_get: [1] matched 56682739 =3D> acl_get: [1] attr userPassword 56682739 =3D> acl_mask: access to entry "uid=3Dcoudot,ou=3Dusers,dc=3Dexamp= le,dc=3Dcom", attr "userPassword" requested 56682739 =3D> acl_mask: to value by "", (=3D0) 56682739 <=3D check a_dn_pat: uid=3Dwebsso,ou=3Dapplications,dc=3Dexample,d= c=3Dcom 56682739 <=3D check a_dn_pat: uid=3Dsyncrepl,ou=3Dapplications,dc=3Dexample= ,dc=3Dcom 56682739 <=3D check a_dn_pat: self 56682739 <=3D check a_dn_pat: * 56682739 <=3D acl_mask: [4] applying auth(=3Dxd) (stop) 56682739 <=3D acl_mask: [4] mask: auth(=3Dxd) 56682739 =3D> slap_access_allowed: auth access granted by auth(=3Dxd) 56682739 =3D> access_allowed: auth access granted by auth(=3Dxd) 56682739 send_ldap_result: conn=3D1000 op=3D0 p=3D3 56682739 send_ldap_result: err=3D49 matched=3D"" text=3D"" 56682739 =3D> mdb_entry_get: ndn: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> mdb_entry_get: found entry: "uid=3Dcoudot,ou=3Dusers,dc=3Dexa= mple,dc=3Dcom" 56682739 mdb_entry_get: rc=3D0 56682739 =3D> mdb_entry_get: ndn: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> mdb_entry_get: found entry: "uid=3Dcoudot,ou=3Dusers,dc=3Dexa= mple,dc=3Dcom" 56682739 mdb_entry_get: rc=3D0 56682739 =3D> mdb_search 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> access_allowed: search access to "uid=3Dcoudot,ou=3Dusers,dc= =3Dexample,dc=3Dcom" "entry" requested 56682739 <=3D root access granted 56682739 =3D> access_allowed: search access granted by manage(=3Dmwrscxd) 56682739 base_candidates: base: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3D= com" (0x00000007) 56682739 =3D> test_filter 56682739 EQUALITY 56682739 =3D> access_allowed: search access to "uid=3Dcoudot,ou=3Dusers,dc= =3Dexample,dc=3Dcom" "objectClass" requested 56682739 <=3D root access granted 56682739 =3D> access_allowed: search access granted by manage(=3Dmwrscxd) 56682739 <=3D test_filter 5 56682739 mdb_search: 7 does not match filter 56682739 send_ldap_result: conn=3D1000 op=3D0 p=3D3 56682739 send_ldap_result: err=3D0 matched=3D"" text=3D"" 56682739 constraint_update() 56682739 =3D> mdb_entry_get: ndn: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> mdb_entry_get: found entry: "uid=3Dcoudot,ou=3Dusers,dc=3Dexa= mple,dc=3Dcom" 56682739 mdb_entry_get: rc=3D0 56682739 =3D> mdb_entry_get: ndn: "uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc= =3Dcom" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 =3D> mdb_entry_get: found entry: "uid=3Dcoudot,ou=3Dusers,dc=3Dexa= mple,dc=3Dcom" 56682739 mdb_entry_get: rc=3D0 56682739 =3D> mdb_entry_get: ndn: "ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3D= com" 56682739 =3D> mdb_entry_get: oc: "(null)", at: "(null)" 56682739 mdb_dn2entry("ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("ou=3Dbug,ou=3Dppolicy,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: get failed: MDB_NOTFOUND: No matching key/data pai= r found (-30798) 56682739 =3D> mdb_entry_get: cannot find entry: "ou=3Dbug,ou=3Dppolicy,dc= =3Dexample,dc=3Dcom" 56682739 mdb_entry_get: rc=3D32 56682739 ppolicy_get: using default policy 56682739 mdb_modify: uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom 56682739 slap_queue_csn: queueing 0x7fb05c104370 20151209130601.318371Z#000= 000#001#000000 56682739 mdb_dn2entry("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 =3D> mdb_dn2id("uid=3Dcoudot,ou=3Dusers,dc=3Dexample,dc=3Dcom") 56682739 <=3D mdb_dn2id: got id=3D0x7 56682739 =3D> mdb_entry_decode: 56682739 <=3D mdb_entry_decode 56682739 mdb_modify_internal: 0x00000007: uid=3Dcoudot,ou=3Dusers,dc=3Dexam= ple,dc=3Dcom 56682739 <=3D acl_access_allowed: granted to database root 56682739 mdb_modify_internal: replace pwdFailureTime slapd: mods.c:64: modify_add_values: Assertion `mod->sm_numvals =3D=3D i' f= ailed. Aborted (core dumped)

Should be fixed by the patch done for this ITS, but I have not yet tested i= t.

--=20 Cl=C3=A9ment OUDOT Consultant en logiciels libres, Expert infrastructure et s=C3=A9curit=C3=A9 Savoir-faire Linux