[SERVER-28370] Prevent LDAP authorization crash when parsing null valued attributes Created: 17/Mar/17  Updated: 05/Apr/17  Resolved: 17/Mar/17

Status: Closed
Project: Core Server
Component/s: Internal Client
Affects Version/s: 3.4.2
Fix Version/s: 3.4.3, 3.5.5

Type: Bug Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v3.4
Sprint: Platforms 2017-03-27
Participants:

 Description   

RFC4511 allows LDAP searches to return empty attributes which have no values:

4.1.7. Attribute and PartialAttribute

Attributes and partial attributes consist of an attribute description
and attribute values. A PartialAttribute allows zero values, while
Attribute requires at least one value.

PartialAttribute ::= SEQUENCE {
type AttributeDescription,
vals SET OF value AttributeValue }

4.5.2. Search Result

The results of the Search operation are returned as zero or more
SearchResultEntry and/or SearchResultReference messages, followed by
a single SearchResultDone message.

SearchResultEntry ::= [APPLICATION 4] SEQUENCE {
objectName LDAPDN,
attributes PartialAttributeList }

PartialAttributeList ::= SEQUENCE OF
partialAttribute PartialAttribute

SearchResultReference ::= [APPLICATION 19] SEQUENCE
SIZE (1..MAX) OF uri URI

SearchResultDone ::= [APPLICATION 5] LDAPResult

Servers conforming to this specification do not need to return any values for a particular attribute.

libldap appears to return a NULL pointer when ldap_get_values_len is called for an attribute without values, instead of an array containing a NULL pointer. libldap more commonly returns a NULL pointer on error. However, this condition is not considered an error, so no result code is set on the LDAP session handle.

We should correctly handle this case.



 Comments   
Comment by Githook User [ 17/Mar/17 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-28370: Avoid crash when parsing null valued LDAP attributes

(cherry picked from commit 37c0edb1a50590e7591412b1fcc308dd85348f24)
Branch: v3.4
https://github.com/10gen/mongo-enterprise-modules/commit/ddbfcdc097d658293caabdf2506222c43803c51d

Comment by Githook User [ 17/Mar/17 ]

Author:

{u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}

Message: SERVER-28370: Avoid crash when parsing null valued LDAP attributes
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/37c0edb1a50590e7591412b1fcc308dd85348f24

Generated at Thu Feb 08 04:17:56 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.