ehlo, If LDAP entries have more then one attribute "automountKey" automount map will be skipped and error message will be printed to log files and sssd_be will crash. DEBUG(SSSDBG_MINOR_FAILURE, "Malformed entry, skipping\n");
The output array with automount maps will contain uninitialized pointers because array was terminated after the expected count of entries and not after the last successfully retrieved entry Resolves: https://fedorahosted.org/sssd/ticket/2288 How to reproduce crash? You need to have more than two automountKey attributes in LDAP entry for automount map. Attached patch fix crash only in sssd_be. (There was another crash in automount client) LS
>From de990d6cbf2b1e4a72fff3a3902c4e0ef189fc86 Mon Sep 17 00:00:00 2001 From: Lukas Slebodnik <lsleb...@redhat.com> Date: Fri, 21 Mar 2014 17:14:48 +0100 Subject: [PATCH] AUTOFS: terminate array after the last entry If LDAP entries have more then one attribute "automountKey" automount map will be skipped and error message will be printed to log files and sssd_be will crash. DEBUG(SSSDBG_MINOR_FAILURE, "Malformed entry, skipping\n"); The output array with automount maps will contain uninitialized pointers because array was terminated after the expected count of entries and not after the last successfully retrieved entry Resolves: https://fedorahosted.org/sssd/ticket/2288 --- src/providers/ldap/sdap_async_autofs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/providers/ldap/sdap_async_autofs.c b/src/providers/ldap/sdap_async_autofs.c index 616a3b9a52fab2969e84809878df2df58ea9e4e2..1db8d2067a691ac93844d97dd2d53422b1ca3ad2 100644 --- a/src/providers/ldap/sdap_async_autofs.c +++ b/src/providers/ldap/sdap_async_autofs.c @@ -844,7 +844,8 @@ sdap_autofs_setautomntent_save(struct tevent_req *req) j++; } - ldap_entrylist[state->entries_count] = NULL; + /* terminate array with NULL after the last retrieved entry */ + ldap_entrylist[j] = NULL; } ret = sysdb_autofs_entries_by_map(tmp_ctx, state->dom, state->mapname, -- 1.9.0
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel