Bug 7794 - probably a little bug in ldb_dn_explode()
probably a little bug in ldb_dn_explode()
Product: Samba 4.0
Classification: Unclassified
Other Linux
: P3 major
: ---
Assigned To: Andrew Bartlett
Depends on:
  Show dependency treegraph
Reported: 2010-11-13 16:31 UTC by Lisci Gianni Battista
Modified: 2010-11-18 04:46 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Lisci Gianni Battista 2010-11-13 16:31:31 UTC
I recently opened the following thread:
where samba4 was crashing while deleting user accounts imported through ldifde.exe. 

Later I noticed that not all of the imported user account caused a crash so I compared the different entries in the .ldf file.

and the result was the following:

the user account with a comma within the "dn", the "cn" and the
"distinguishedName" caused a crash(after a handmade handle "only" an error) trying to delete them.

for example this one would let hang the server:

dn: CN=Name\, Surname,DC=my,DC=test,DC=domain
cn: Name, Surname
distinguishedName: CN=Name\, Surname,DC=my,DC=test,DC=domain

I think the handling of different characters should be in ldb_dn_explode() within the file source4/lib/ldb/common/ldb_dn.c
Simo has commented there that there is a case that is to implement on the function, the handling of "#" but I didn't found anything about the "\,"(which seems to be a correct syntax for the dn as far as I have seen on the RFC) in the dn. not the simple comma that determines the end of a part of the dn.

hope you can do something with my infos(I tried to work on the file but my c programming skills are outdated since 10 years XD)

thanks and sorry if I cannot help more
and really great work till now!
Comment 1 Matthias Dieter Wallnöfer 2010-11-18 04:46:28 UTC
This has been fixed.