https://bugs.openldap.org/show_bug.cgi?id=9738
Issue ID: 9738 Summary: entry_schema_check: Assertion `a->a_vals[0].bv_val != NULL' failed. Product: OpenLDAP Version: 2.6.0 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs@openldap.org Reporter: michael@stroeder.com Target Milestone: ---
slapd 2.6.0 exits when an LDAP client sends an add operation with invalid data:
2021-11-04T22:07:36.790594+01:00 itn-dir-1 slapd[32415]: 61844b98.2ef8df5c 0x7fe42d9a6700 Entry (mail=michael@stroeder.com,ou=ext,ou=metadir,o=itn): object class 'itnmetaPerson' requires attribute 'displayName' 2021-11-04T22:07:36.790694+01:00 itn-dir-1 slapd[32415]: slapd: schema_check.c:89: entry_schema_check: Assertion `a->a_vals[0].bv_val != NULL' failed.
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #1 from Michael Ströder michael@stroeder.com --- Note that this also happens for a bound identity which is not even authorized to add an entry.
https://bugs.openldap.org/show_bug.cgi?id=9738
Michael Ströder michael@stroeder.com changed:
What |Removed |Added ---------------------------------------------------------------------------- OS|All |Linux Hardware|All |x86_64
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #2 from Ondřej Kuzník ondra@mistotebe.net --- On Thu, Nov 04, 2021 at 11:52:27PM +0000, openldap-its@openldap.org wrote:
Note that this also happens for a bound identity which is not even authorized to add an entry.
Hi Michael, can you provide a config and an ldif that triggers this? Is this tied to any overlays being configured, global or on the database in question?
Thanks,
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #3 from Michael Ströder michael@stroeder.com --- On 11/5/21 09:00, openldap-its@openldap.org wrote:
--- Comment #2 from Ondřej Kuzník ondra@mistotebe.net --- can you provide a config and an ldif that triggers this? Is this tied to any overlays being configured, global or on the database in question?
It seems that slapo-accesslog is the culprit:
overlay accesslog logdb "cn=accesslog" logops writes logold "(objectClass=*)" logpurge 3660+00:00 07+00:00
If I comment the line "logops writes" or add "logsuccess TRUE" it does not crash.
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #4 from Ondřej Kuzník ondra@mistotebe.net --- On Fri, Nov 05, 2021 at 08:43:44AM +0000, openldap-its@openldap.org wrote:
It seems that slapo-accesslog is the culprit:
overlay accesslog logdb "cn=accesslog" logops writes logold "(objectClass=*)" logpurge 3660+00:00 07+00:00
If I comment the line "logops writes" or add "logsuccess TRUE" it does not crash.
Can you provide a way to reproduce this? Trying with an invalid add (a MUST attribute missing in the entry) does what I'd expect and logs the failed operation just fine.
Thanks,
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #5 from Michael Ströder michael@stroeder.com --- Created attachment 853 --> https://bugs.openldap.org/attachment.cgi?id=853&action=edit test config and test data
https://bugs.openldap.org/show_bug.cgi?id=9738
Ondřej Kuzník ondra@mistotebe.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1
--- Comment #6 from Ondřej Kuzník ondra@mistotebe.net --- Right, that's because I tested with my local branch that already had all relevant patches from the ITS#6097 related tests. Try https://git.openldap.org/openldap/openldap/-/merge_requests/439
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #7 from Michael Ströder michael@stroeder.com --- I've applied your changes as backport-patch for my packages. It seems to fix the issue.
https://bugs.openldap.org/show_bug.cgi?id=9738
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@openldap.org |ondra@mistotebe.net Target Milestone|--- |2.6.1 Keywords|needs_review |
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #8 from Quanah Gibson-Mount quanah@openldap.org --- • 30baa30b by Ondřej Kuzník at 2021-11-11T20:06:01+00:00 ITS#9738 Remove code deprecated by ITS#9538
https://bugs.openldap.org/show_bug.cgi?id=9738
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |TEST Status|IN_PROGRESS |RESOLVED
https://bugs.openldap.org/show_bug.cgi?id=9738
--- Comment #9 from Quanah Gibson-Mount quanah@openldap.org --- • e6d527da by Ondřej Kuzník at 2021-11-12T21:32:18+00:00 ITS#9738 Remove code deprecated by ITS#9538
https://bugs.openldap.org/show_bug.cgi?id=9738
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org