Full_Name: Etienne Bagnoud
Version: 2.4.11 and HEAD
OS: Debian GNU/Linux 5.0.4
URL: http://www.tchetch.net/code/openldap/
Submission from: (NULL) (153.109.35.2)
When sending a refresh request (RFC 2589) with an empty DN, the server segfaults. This did work on default Debian installed version (slapd 2.4.11) as well as on the actual (today) version in HEAD.
The actual return value returned by 'select_backend' is not checked for a NULL value and is passed directly to the 'SLAP_DYNAMIC' macro.
While digging through the code to find how other overlays were doing, I found that pcache has the same behavior. I can't test for that overlay (if the bug is corrected or not), but I suppose it's the same.
So here are two patches to correct dds overlay and pcache overlay:
- http://www.tchetch.net/code/openldap/servers-slapd-overlays-dds.patch
- http://www.tchetch.net/code/openldap/servers-slapd-overlays-pcache.patch
I'm not used to digging into OpenLDAP code (in fact, this is the first time), so I hope it's ok.
Etienne.