Existence of an entry is not checked when its password is to be deleted

[389-ds-bot]

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/584

• Created at 2013-02-14 04:13:03 by nhosoi (@nhosoi)
• Closed as Fixed
• Assigned to nhosoi (@nhosoi)
• Associated bugzillas
  • https://bugzilla.redhat.com/show_bug.cgi?id=918690

---

Steps:
0. assume there is no entry which dn is uid=tuser1,,ou=People,dc=example,dc=com

1. delete a password of the non-existing entry

   $ ldapmodify ... << EOF
   dn: uid=tuser1,,ou=People,dc=example,dc=com
   changetype: modify
   delete: userpassword
   (userpassword: tuser1)
   EOF

If the bind user has the privilege to delete the password, the operation crashes the server.

[389-ds-bot]

Comment from nhosoi (@nhosoi) at 2013-02-14 04:18:11

Bug description: When attempting to delete a password from an
entry, a password syntax checking api check_pw_syntax_ext missed
a check if the target entry exists or not. Note: add and replace
checks it and handles the case correctly.

Fix description: In this patch the check is added to the delete
case, as well.

[389-ds-bot]

Comment from nhosoi (@nhosoi) at 2013-02-14 04:19:00

git patch file (master)
0001-Ticket-584-Existence-of-an-entry-is-not-checked-when.patch

[389-ds-bot]

Comment from nhosoi (@nhosoi) at 2013-02-20 04:35:00

Reviewed by Rich (Thank you!!)

Pushed to master: commit d559d46

Pushed to 389-ds-base-1.3.0: commit 4dcf155

[389-ds-bot]

Comment from nkinder (@nkinder) at 2013-03-07 00:13:31

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=918690

[389-ds-bot]

Comment from nhosoi (@nhosoi) at 2017-02-11 23:07:28

Metadata Update from @nhosoi:

• Issue assigned to nhosoi
• Issue set to the milestone: 1.3.0.3