DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43942>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43942 Summary: httpd crashes while loading ldap attributes Product: Apache httpd-2 Version: 2.2.6 Platform: Other OS/Version: AIX Status: NEW Severity: critical Priority: P2 Component: mod_authz_ldap AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] We wrote an authorisation module for integrating apache in our company's security framework. This module is based on mod_authnz_ldap, and we can reproduce our problem with mod_authnz_ldap as well. The problem occurs when a large list of attribute-values is loaded from ldap. In this case, the account, that causes the crash, has an ldap attribute "slResolvedPermissions" with 3'500 values. These values are concatenated in modules/ldap/util_ldap.c:uldap_cache_getuserdn() to a string of approx. 200k size. During this the process receives a SegFault and coredumps after concatenating 2893 values and a string size of approx. 178'947 bytes. Backtrace: (gdb) bt #0 0x0000f050 in ?? () #1 0xd21ceddc in apr_pstrcat (a=0x20239f20, __ellip=<incomplete type>) at strings/apr_strings.c:165 #2 0x200c734c in uldap_cache_getuserdn (r=0x20239f58, ldc=0x200dd1b8, url=0x20242808 "ldap://sphinxps:392/ou=accounts,dc=swisslife,dc=ch?cn,slResolvedPermissions";, basedn=0x20242868 "ou=accounts,dc=swisslife,dc=ch", scope=2, attrs=0x20242888, filter=0x2ff205f8 "(&(objectclass=*)(cn=IXED))", binddn=0x2ff225f8, retvals=0x2ff225fc) at util_ldap.c:1240 #3 0x20075378 in authz_ldap_check_user_access (r=0x20239f58) at mod_authnz_ldap.c:590 #4 0x1003bdec in ap_run_auth_checker (r=0x20239f58) at request.c:78 #5 0x1003e2c0 in ap_process_request_internal (r=0x20239f58) at request.c:202 #6 0x10043940 in ap_process_request (r=0x20239f58) at http_request.c:256 #7 0x1004c32c in ap_process_http_connection (c=0x2022dfd0) at http_core.c:184 #8 0x10035000 in ap_run_process_connection (c=0x2022dfd0) at connection.c:43 #9 0x10035a34 in ap_process_connection (c=0x2022dfd0, csd=0x2022def8) at connection.c:178 #10 0x1000bda0 in child_main (child_num_arg=0) at prefork.c:640 #11 0x1000b77c in make_child (s=0x20025780, slot=0) at prefork.c:680 #12 0x1000c930 in ap_mpm_run (_pconf=0x200238e0, plog=0x20051a50, s=0x20025780) at prefork.c:956 #13 0x10000e8c in main (argc=2, argv=0x2ff22b10) at main.c:730 Please not that line numbers in util_ldap.c are not accurate because of some debug statements. For reproducing this problem please set up an ldap server with an user as described above; cn=username and a huge list of attributes slResolvedPermissions. Configure a directory with the following .hraccess: AuthType basic AuthBasicProvider file AuthName "Secret Stuff" AuthUserFile /home/bele/apache/htdocs/spxtest/secret/htpasswd AuthLDAPURL ldap://sphinxps:392/ou=accounts,dc=company,dc=com?cn,slResolvedPermissions AuthLDAPBindDN "uid=Directory Reader,ou=Directory Users,dc=company,dc=com" AuthLDAPBindPassword XXXXXX Require ldap-attribute slResolvedPermissions=AV-K.BEST_AUSGABE.read I could not reproduce this problem on Solaris, so this is probably AIX specific. Compiler was xlc and alternatively gcc 4. Ldap library is openldap 2.3.39, httpd is 2.2.6. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
