[ZBX-6342] OpenLDAP NULL target assertion crashes Zabbix server when no DIT has been defined. Created: 2013 Mar 04 Updated: 2017 May 30 Resolved: 2013 Mar 15 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | Server (S) |
Affects Version/s: | 2.0.4 |
Fix Version/s: | 1.8.17rc1, 2.0.6rc1, 2.1.0 |
Type: | Incident report | Priority: | Critical |
Reporter: | Russell Jancewicz | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Labels: | crash, ldap | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | simple-ldap-null-attr.patch |
Description |
bug in src/libs/zbxsysinfo/simple/simple.c if cn=config is populated and slapd is running but there has yet to be a dit added to the database the following line will return null attr = ldap_first_attribute(ldap, msg, &ber); which causes the following valRes = ldap_get_values(ldap, msg, attr); to pass a null parameter to the ldap library which causes an assertion to be raised. the result of this assertion being raised causes the entire zabbix server to crash hard until restarted. This is due the fact that namingContexts isn't yet populated for the null dn. ldapsearch -H ldapi:/// -Y EXTERNAL -b '' -s base namingContexts
#
This can all be avoided by continuing the checks which are done above the impacted line if (NULL == (attr = ldap_first_attribute(ldap, msg, &ber)) { zabbix_log(LOG_LEVEL_DEBUG, "LDAP - empty first entry result. [%s] [%s]", host, ldap_err2string(ldapErr)); goto lbl_ret; }It should be unneeded to wrap the final ldap call |
Comments |
Comment by Russell Jancewicz [ 2013 Mar 04 ] |
And evidently I made a typo in the bug tile... Zabbix... |
Comment by Oleksii Zagorskyi [ 2013 Mar 05 ] |
The typo in summary has been fixed. |
Comment by dimir [ 2013 Mar 15 ] |
Successfully tested development branch svn://svn.zabbix.com/branches/dev/ZBX-6342 . |
Comment by Aleksej Ivanov (Inactive) [ 2013 Apr 05 ] |
Fixed missing parenthesis in r34819. |
Comment by Aleksej Ivanov (Inactive) [ 2013 Apr 05 ] |
Fixed in 1.8.17rc1 r34820, 2.0.6rc1 r34821, 2.1.0 r34822 |