From 7b35b724f8a874a200154d1e3626ed14cc5b8245 Mon Sep 17 00:00:00 2001 From: Ludwig Krispenz Date: Mon, 24 Jun 2013 10:19:53 +0200 Subject: [PATCH 73/99] Ticket 47396 - crash on modrdn of tombstone Bug Description: a client modrdn operation on a tombstone entry can crash the server Fix Description: client modrdns and modifies on tombstone entries should not be accepted. Tombstones aer internally kept for eventual conflict resolution, normal clients should not touch them. an exception would be to force purging of tombstones or a kind of "undo" for a delete, which could resurrect a tombstone, but this is not in the scope of this ticket https://fedorahosted.org/389/ticket/47396 Reviewed by: Rich, thanks (cherry picked from commit d1d6245d6ab894cf56e2529cb5c5dc941f4843cd) --- ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index b5cb90b..c539463 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -352,6 +352,13 @@ ldbm_back_modrdn( Slapi_PBlock *pb ) goto error_return; /* error result sent by find_entry2modify() */ } e_in_cache = 1; /* e is in the cache and locked */ + if (slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE) ) { + ldap_result_code = LDAP_UNWILLING_TO_PERFORM; + ldap_result_message = "Operation not allowed on tombstone entry."; + slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modrdn", + "Attempt to rename a tombstone entry %s\n", slapi_sdn_get_dn(slapi_entry_get_sdn_const( e->ep_entry ))); + goto error_return; + } /* Check that an entry with the same DN doesn't already exist. */ { Slapi_Entry *entry; -- 1.8.1.4