[Issue 10091] New: slapd segfaults when the dynlist overlay is applied on the frontend db (with `<memberOf-ad>@<static-oc>` parameters)
https://bugs.openldap.org/show_bug.cgi?id=10091
Issue ID: 10091 Summary: slapd segfaults when the dynlist overlay is applied on the frontend db (with `<memberOf-ad>@<static-oc>` parameters) Product: OpenLDAP Version: 2.6.6 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs@openldap.org Reporter: philip.schildkamp@uni-koeln.de Target Milestone: ---
Created attachment 974 --> https://bugs.openldap.org/attachment.cgi?id=974&action=edit Full stacktrace of the segfault
Dear OpenLDAP Development-Team,
first of all, thank You for Your continued efforts to provide this great software!
I've run into a segfault when trying to apply the dynlist overlay to the frontend db. As I'm running Alpine Linux (based on musl libc), I've verified that this segfault also occurs under GLIBC-based distros. Furthermore, I've trimmed my config down to the bare minimum to provide a replicable setting.
This segfault only occurs when I'm trying to use the full `dynlist-attrset` configuration (including the `+<memberOf-ad>@<static-oc>` parameters). If I only supply the `<group-oc> <URL-ad> <member-ad>` parts of the configruation, the segfault does not occur. And the segfault does not happen on startup, but when connecting to the running `slapd` instance.
The version I'm running:
@(#) $OpenLDAP: slapd 2.6.6 (Aug 7 2023 12:57:03) $
My `slapd.conf` (the same segfault occures through a `cn=config` setup):
moduleload dynlist
include /etc/openldap/schema/core.schema
overlay dynlist dynlist-attrset labeledURIObject labeledURI member+memberOf@groupOfNames
database ldif directory /tmp suffix "dc=example,dc=com"
I've attached a complete stacktrace of the segfault, which is traced back to `dynlist.c:2057`. If I can provide any other means of debugging (e.g. a coredump) or help in locating the root of this issue, I'd be happy to!
If this issue is known or the dynlist overlay does not support this functionality on the frontend db, I'm sorry for the noise; but as far as I've been able to verify, there is no mention of such a limitation within the `slapo-dynlist` manpage (which does mention the possibility to apply the dynlist overlay to the frontend db), nor did I find an issue regarding exactly this error.
Again, thank You for Your efforts and kind regards, Philip Schildkamp
https://bugs.openldap.org/show_bug.cgi?id=10091
--- Comment #1 from philip.schildkamp@uni-koeln.de --- A slight correction of my initial report: I've just realized, the attached stacktrace is the result of a slightly different configuration (as I tried using different `dynlist` configurations), which looked like this:
moduleload dynlist
include /etc/openldap/schema/core.schema include /etc/openldap/schema/dyngroup.schema
overlay dynlist dynlist-attrset groupOfURLs memberURL member+dgMemberOf@groupOfURLs
database ldif directory /tmp suffix "dc=example,dc=com"
I thought, maybe using the `dyngroup.schema` attributes and objectClasses would make a difference, but it did not. So, in general, the provided stacktrace is correct, as the same error occurs with both configurations.
Sorry for my mistake and kind regards, Philip Schildkamp
https://bugs.openldap.org/show_bug.cgi?id=10091
philip.schildkamp@uni-koeln.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|slapd segfaults when the |slapd segfaults when the |dynlist overlay is applied |dynlist overlay is applied |on the frontend db (with |to the frontend db (with |`<memberOf-ad>@<static-oc>` |`<memberOf-ad>@<static-oc>` |parameters) |parameters)
https://bugs.openldap.org/show_bug.cgi?id=10091
--- Comment #2 from philip.schildkamp@uni-koeln.de --- As a further note I might add, I'm defaulting to Apache Directory Studio to visually manage the server. This results in the first request upon connection to be against the `cn=subschema`. I've thereby narrowed the occurring segfault down to the following `ldapsearch` query, run against a `slapd` with the aforementioned configuration:
ldapsearch -b cn=subschema -s base '(objectClass=subschema)' +
When requesting all attributes (`+`) the error occurs. When only, e.g., requesting all the `objectClasses` from the `cn=subschema` the error vanishes. Which led me on to try this:
ldapsearch -b cn=subschema -s base '(objectClass=subschema)' memberOf
Which, again, resulted in `slapd` segfaulting. At this point I've verified that reducing the `dynlist` configuration to exclude the optional `+<memberOf-ad>@<static-oc>` options also alleviates the error (it does). And I was able to narrow the occurrence of the segfault down to the following, simple `ldapsearch` query:
ldapsearch memberOf
From the stacktrace I've been able to figure out that the segfault is cause by a null pointer when accessing `o.o_bd->be_search(...)`, as the backend db (`o_db`) isn't set. But any of my further conclusions would more or less be guesswork at this point.
https://bugs.openldap.org/show_bug.cgi?id=10091
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Target Milestone|--- |2.5.17 Assignee|bugs@openldap.org |ondra@mistotebe.net
https://bugs.openldap.org/show_bug.cgi?id=10091
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |uberthoth@gmail.com
--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org --- *** Issue 10111 has been marked as a duplicate of this issue. ***
https://bugs.openldap.org/show_bug.cgi?id=10091
--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • 02975a3d by Ondřej Kuzník at 2023-08-15T13:07:46+01:00 ITS#10091 Do not allow dynlist being configured as global
https://bugs.openldap.org/show_bug.cgi?id=10091
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED
--- Comment #5 from Quanah Gibson-Mount quanah@openldap.org --- RE26:
• 7bdba66e by Ondřej Kuzník at 2023-10-23T19:15:57+00:00 ITS#10091 Do not allow dynlist being configured as global
RE25:
• 4d9424cb by Ondřej Kuzník at 2023-10-23T19:16:01+00:00 ITS#10091 Do not allow dynlist being configured as global
https://bugs.openldap.org/show_bug.cgi?id=10091
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org