andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 7 months ago
Clone

Blame SOURCES/0016-Issue-4521-DS-crash-in-deref-plugin-if-dereferenced-.patch

ed9856
From ffeb863e47ab35cbb2e5666847561451d0394ed9 Mon Sep 17 00:00:00 2001
ed9856
From: tbordaz <tbordaz@redhat.com>
ed9856
Date: Mon, 11 Jan 2021 17:33:06 +0100
ed9856
Subject: [PATCH] Issue 4521 - DS crash in deref plugin if dereferenced entry
ed9856
 exists but is not returned by internal search (#4525)
ed9856
ed9856
Bug description:
ed9856
	For each returned entry, deref plugin dereferences some attribute values that refer to entries.
ed9856
	To do this it does an internal search (scope base) with each attribute values.
ed9856
	Deref plugin assumes that if internal search succeeds, a single entry is returned.
ed9856
	It exists cases (not identified) where internal search succeeds but returns no entry.
ed9856
	In such case (search succeeds but no entry returned) the server crash.
ed9856
	Note: wonder if DB deadlock could lead to such situation.
ed9856
ed9856
Fix description:
ed9856
	Make a hardening fix that logs warning in such case
ed9856
ed9856
relates: https://github.com/389ds/389-ds-base/issues/4521
ed9856
ed9856
Reviewed by: Mark Reynolds (thanks)
ed9856
ed9856
Platforms tested: F31
ed9856
---
ed9856
 ldap/servers/plugins/deref/deref.c | 15 +++++++++++++++
ed9856
 1 file changed, 15 insertions(+)
ed9856
ed9856
diff --git a/ldap/servers/plugins/deref/deref.c b/ldap/servers/plugins/deref/deref.c
ed9856
index ec1884ba3..fc1c10f71 100644
ed9856
--- a/ldap/servers/plugins/deref/deref.c
ed9856
+++ b/ldap/servers/plugins/deref/deref.c
ed9856
@@ -592,6 +592,21 @@ deref_do_deref_attr(Slapi_PBlock *pb, BerElement *ctrlber, const char *derefdn,
ed9856
                 slapi_log_err(SLAPI_LOG_PLUGIN, DEREF_PLUGIN_SUBSYSTEM,
ed9856
                               "deref_do_deref_attr - More than one entry matching DN [%s]\n",
ed9856
                               derefdn);
ed9856
+            } else if (entries[0] == NULL) {
ed9856
+                int32_t op_id;
ed9856
+                uint64_t conn_id;
ed9856
+
ed9856
+                slapi_pblock_get(pb, SLAPI_OPERATION_ID, &op_id);
ed9856
+                slapi_pblock_get(pb, SLAPI_CONN_ID, &conn_id);
ed9856
+                /* Weird case not clearly understood:
ed9856
+                 * the entry 'derefdn' exists (else we would have NOT_SUCH_ENTRY in 'rc')
ed9856
+                 * but it is not returned by the internal search. Note that internal search
ed9856
+                 * returns tombstone or subentry.
ed9856
+                 * Just to prevent a crash, catch this error condition and log a warning
ed9856
+                 */
ed9856
+                slapi_log_err(SLAPI_LOG_WARNING, DEREF_PLUGIN_SUBSYSTEM,
ed9856
+                              "deref_do_deref_attr - conn=%" PRIu64 " op=%d - failed to retrieve the entry [%s], although the entry exists\n",
ed9856
+                              conn_id, op_id, derefdn);
ed9856
             } else {
ed9856
                 int ii;
ed9856
                 int needattrvals = 1; /* need attrvals sequence? */
ed9856
-- 
ed9856
2.26.2
ed9856