[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: access violation in slapd (userCerficate search) (ITS#2004)



But slapd application (or service) crashed at this point for some reason
(in versions 2.0.19 everything works ok). 
I'll try to reproduce error using debug version (with call stack) and
resend information.

Best regards,
Sergey V. Simakov  mailto:sim@x509.ru
security software engineer, MCP+Internet, MCSE
VALIDATA http://www.x509.ru 

> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] 
> Sent: Sunday, August 04, 2002 9:23 AM
> To: óÉÍÁËÏ× óÅÒÇÅÊ
> Cc: openldap-its@OpenLDAP.org
> Subject: Re: access violation in slapd (userCerficate search) 
> (ITS#2004)
> 
> 
> Where's the software bug?  Looks like normal behavior to me.
> 
> Kurt
> 
> At 08:34 AM 2002-08-02, sim@x509.ru wrote:
> >Full_Name: Sergey Simakov
> >Version: 2.1.2
> >OS: Windows 2000
> >URL: ftp://ftp.openldap.org/incoming/
> >Submission from: (NULL) (194.186.131.178)
> >
> >
> >Access violation in slapd searching for 
> userCertificate,caCertificate 
> >or certificateRevokation list attributes, for example 
> (subtree search, 
> >base is cn=users,dc=x509,dc=ru, using root access):
> >
> >search filter: (userCertificate;binary=*)(caCertificate;binary=*)
> >search for: userCertificate;binary and caCertificate;binary 
> slapd log:
> >====> bdb_cache_return_entry_r( 2 ): returned (0)
> >entry_decode: "cn=ca,cn=users,dc=x509,dc=ru"
> ><= entry_decode(cn=ca,cn=users,dc=x509,dc=ru)
> >=> test_filter
> >    OR
> >=> test_filter_or
> >=> test_filter
> >    PRESENT
> >=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
> >"userCertific
> >ate" requested
> ><= root access granted
> ><= test_filter 5
> >=> test_filter
> >    PRESENT
> >=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
> >"cACertificat
> >e" requested
> ><= root access granted
> ><= test_filter 6
> ><= test_filter_or 6
> ><= test_filter 6
> >=> send_search_entry: dn="cn=ca,cn=users,dc=x509,dc=ru"
> >=> access_allowed: read access to 
> "cn=ca,cn=users,dc=x509,dc=ru" "entry"
> >request
> >ed
> ><= root access granted
> ><----- access violation at this point
> >
> >search filter: 
> >(certificateRevocationList;binary=*)(authorityRevocationList;
binary=*)search
> >for: certificateRevocationList;binary and 
> authorityRevocationList;binary
> >slapd log:
> >bdb_search: 2 does match filter
> >====> bdb_cache_return_entry_r( 2 ): returned (0)
> >====> bdb_cache_find_entry_id( 3 ) 
> "cn=ca,cn=users,dc=x509,dc=ru" (found) (1
> >tri
> >es)
> >=> test_filter
> >    OR
> >=> test_filter_or
> >=> test_filter
> >    PRESENT
> >=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
> >"certificateR
> >evocationList" requested
> ><= root access granted
> ><= test_filter 6
> ><= test_filter_or 6
> ><= test_filter 6
> >=> send_search_entry: dn="cn=ca,cn=users,dc=x509,dc=ru"
> >=> access_allowed: read access to 
> "cn=ca,cn=users,dc=x509,dc=ru" "entry"
> >request
> >ed
> ><= root access granted
> ><----- access violation at this point
>