[ZBX-6342] OpenLDAP NULL target assertion crashes Zabbix server when no DIT has been defined. Created: 2013 Mar 04  Updated: 2017 May 30  Resolved: 2013 Mar 15

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Server (S)
Affects Version/s: 2.0.4
Fix Version/s: 1.8.17rc1, 2.0.6rc1, 2.1.0

Type: Incident report Priority: Critical
Reporter: Russell Jancewicz Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: crash, ldap
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Text File simple-ldap-null-attr.patch    

 Description   

bug in src/libs/zbxsysinfo/simple/simple.c
static int check_ldap(const char *host, unsigned short port, int timeout, int *value_int)

if cn=config is populated and slapd is running but there has yet to be a dit added to the database the following line will return null

attr = ldap_first_attribute(ldap, msg, &ber);

which causes the following

valRes = ldap_get_values(ldap, msg, attr);

to pass a null parameter to the ldap library which causes an assertion to be raised.

the result of this assertion being raised causes the entire zabbix server to crash hard until restarted.

This is due the fact that namingContexts isn't yet populated for the null dn.

ldapsearch -H ldapi:/// -Y EXTERNAL -b '' -s base namingContexts

  1. extended LDIF
    #
  2. LDAPv3
  3. base <> with scope baseObject
  4. filter: (objectclass=*)
  5. requesting: namingContexts
    #

#
dn:

  1. search result
    search: 2
    result: 0 Success
  1. numResponses: 2
  2. numEntries: 1

This can all be avoided by continuing the checks which are done above the impacted line

if (NULL == (attr = ldap_first_attribute(ldap, msg, &ber))

{ zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty first entry result. [%s] [%s]", host, ldap_err2string(ldapErr)); goto lbl_ret; }

It should be unneeded to wrap the final ldap call
valRes = ldap_get_values(ldap, msg, attr);
as even if this returns null the result is not used further down.



 Comments   
Comment by Russell Jancewicz [ 2013 Mar 04 ]

And evidently I made a typo in the bug tile... Zabbix...

Comment by Oleksii Zagorskyi [ 2013 Mar 05 ]

The typo in summary has been fixed.

Comment by dimir [ 2013 Mar 15 ]

Successfully tested development branch svn://svn.zabbix.com/branches/dev/ZBX-6342 .

Comment by Aleksej Ivanov (Inactive) [ 2013 Apr 05 ]

Fixed missing parenthesis in r34819.

Comment by Aleksej Ivanov (Inactive) [ 2013 Apr 05 ]

Fixed in 1.8.17rc1 r34820, 2.0.6rc1 r34821, 2.1.0 r34822

Generated at Fri Mar 29 02:10:01 EET 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.