??? Sun Directory Server 5.2 fun ???

[payothl () free fr]

Hi Evgeny,

I tried your "ProtoVer LDAP" on the last DS5.2Patch4 but without success.

It appears from the error message that the
Directory Server shut itself down after trying to allocate 1.6GB of
memory after receiving a 40K request from a client.  From the sample
packet provided, it was a subtree search request with a base DN of
"dc={40,000 plus signs},dc=example,dc=com" with a filter of "(foo=*)". The
search base DN is technically malformed, but even if that's the
case, then it is no excuse for causing the Directory Server to allocate
an excessive amount of memory and shut itself down.

However, I have tested this issue on both Solaris and Linux and have
been unable to reproduce it.  I am sending exactly the same request as
contained in the e-mail message describing the problem, but I can't seem
to make the server try to allocate a significant amount of memory, shut
down, or become unresponsive in any way.  I will say that behavior of
the Directory Server is not entirely correct in that it never sends a
response to the client, but it will eventually terminate the client
connection.  It appears that the length of time before the server closes
the connection to the client is equal to two times the configured value
of the  nsslapd-ioblocktimeout attribute.

There is a legitimate way to exploit this problem that I haven't
discovered yet.
I think that there is a little bit more configuration required before this can
be exercised

If you can reproduce this problem for yourself and provide me
with the details regarding how you were able to do, I will appreciate.

Guillaume