off-by-one in LDIF length

Bug #1461276 reported by Kartik Subbarao
This bug affects 1 person
Affects: openldap (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Unassigned
Milestone: (none)

Bug Description

Would it be possible to include the patch for ITS#8003 in the next build of the 2.4.40 package?

http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=patch;h=c8353f7acdec4a42f537b0d475aaae005ba72363

It fixes a bug that causes slapd to crash when the audit log is enabled and a large base64-encoded attribute is printed.

Tags: crash slapd
Robie Basak (racb) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

Which upstream releases are affected, please? Is it just 2.4.40, and thus just Wily? Or are 2.4.28 and/or 2.4.31 affected as well?

summary: - Requesting ITS#8003 inclusion in 2.4.40 package
+ off-by-one in LDIF length
Changed in openldap (Ubuntu):
importance: Undecided → High
Kartik Subbarao (subbarao) wrote :

I have run both 2.4.31 and 2.4.40 for a few days, and have only experienced this type of slapd crash with 2.4.40. That by itself isn't conclusive though, since memory corruption errors can be sensitive in how they manifest. Looking at the code briefly, I see that the same off-by-one error in include/ldif.h is present in the 2.4.31 code (as well as 2.4.28), so the potential for the bug to be expressed is likely there in the earlier versions as well. I hedge with "likely" because it seems that there have been many changes made to this part of the code recently, and I've seen that just reading it briefly can be misleading when drawing firm conclusions.

The most conservative approach would be just to patch 2.4.40 for now, unless/until people report this bug in earlier versions. A more aggressive approach would be to patch 2.4.31 and 2.4.28 and wait for people to report other things breaking in the earlier versions.

As an aside -- I'm actually building/running the 2.4.40 package on 14.04, not on Wily -- and I have verified that adding the patch to the package build fixes the bug.
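
An added illustration, not OpenLDAP's code or the ITS#8003 patch: a simplified model of how an off-by-one in a folded-LDIF length estimate stays harmless for short values and falls short once a base64 value spans many lines. The 76-column fold width, the function names and the 9-character attribute name are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>

#define LINE_WIDTH 76                    /* assumed fold column */
#define B64_LEN(n) (((n) + 2) / 3 * 4)   /* base64 expansion of n bytes */

/* Bytes a folding writer emits for "name:: <base64>\n". Each fold costs
 * "\n " (2 bytes) and the leading space occupies column 1 of the new
 * line, so continuation lines carry only LINE_WIDTH-1 payload chars. */
size_t ldif_actual_size(size_t nlen, size_t vlen)
{
    size_t payload = nlen + 3 + B64_LEN(vlen), out = 0, col = 0;
    for (size_t i = 0; i < payload; i++) {
        if (col == LINE_WIDTH) { out += 2; col = 1; }
        out++; col++;
    }
    return out + 1;                      /* trailing '\n' */
}

/* Estimate that assumes every line carries LINE_WIDTH payload chars. */
size_t estimate_off_by_one(size_t nlen, size_t vlen)
{
    size_t payload = nlen + 3 + B64_LEN(vlen);
    return payload + 1 + payload / LINE_WIDTH * 2;
}

/* Estimate that budgets folds at LINE_WIDTH-1 payload chars per line. */
size_t estimate_fixed(size_t nlen, size_t vlen)
{
    size_t payload = nlen + 3 + B64_LEN(vlen);
    return payload + 1 + payload / (LINE_WIDTH - 1) * 2;
}

/* Bytes written past a buffer sized by the off-by-one estimate. */
long shortfall(size_t nlen, size_t vlen)
{
    return (long)ldif_actual_size(nlen, vlen)
         - (long)estimate_off_by_one(nlen, vlen);
}

/* 1 if the fixed estimate covers every value length up to max_vlen. */
int fixed_never_short(size_t nlen, size_t max_vlen)
{
    for (size_t v = 0; v <= max_vlen; v++)
        if (estimate_fixed(nlen, v) < ldif_actual_size(nlen, v)) return 0;
    return 1;
}

int main(void)
{
    printf("27 KiB value: %ld bytes short\n", shortfall(9, 27 * 1024));
    return 0;
}
```

In this model the shortfall is only a handful of bytes even for a 27 KiB value, which is why a bug of this kind can sit unnoticed until allocator slack runs out; sweeping the estimator against the real writer over a range of lengths is a cheap regression test for it.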

Kartik Subbarao (subbarao) wrote :

Any response on this?

Kartik Subbarao (subbarao) wrote :

This bug can be closed out now in favor of just building a new package for 2.4.41, since that release is now available and includes the fix:

http://www.openldap.org/software/release/changes.html

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openldap - 2.4.41+dfsg-1ubuntu1

---------------
openldap (2.4.41+dfsg-1ubuntu1) wily; urgency=medium

  * Merge from Debian testing (LP: #1471831). Remaining changes:
    - Enable AppArmor support:
      - d/apparmor-profile: add AppArmor profile
      - d/rules: use dh_apparmor
      - d/control: Build-Depends on dh-apparmor
      - d/slapd.README.Debian: add note about AppArmor
    - Enable GSSAPI support:
      - d/patches/gssapi.diff, thanks to Jerry Carter (Likewise):
        - Add --with-gssapi support
        - Make guess_service_principal() more robust when determining
          principal
      - d/configure.options: Configure with --with-gssapi
      - d/control: Added heimdal-dev as a build depend
    - Enable ufw support:
      - d/control: suggest ufw.
      - d/rules: install ufw profile.
      - d/slapd.ufw.profile: add ufw profile.
    - Enable nss overlay:
      - d/{patches/nssov-build,rules}: Apply, build and package the
        nss overlay.
    - d/{rules,slapd.py}: Add apport hook.
    - d/slapd.init.ldif: don't set olcRootDN since it's not defined in
      either the default DIT nor via an Authn mapping.
    - d/slapd.scripts-common:
      - add slapcat_opts to local variables.
      - Remove unused variable new_conf.
      - Fix backup directory naming for multiple reconfiguration.
    - d/{slapd.default,slapd.README.Debian}: use the new configuration style.
    - d/rules: Enable -DLDAP_CONNECTIONLESS to build CLDAP (UDP) support
      in the openldap library, as required by Likewise-Open
    - Show distribution in version:
      - d/control: added lsb-release
      - d/patches/fix-ldap-distribution.patch: show distribution in version
  * Dropped changes:
    - Fix cpp calls for GCC 5: fixed upstream (ITS#8056)
  * Upstream fixes:
    - slapd crash with auditlog overlay and large (~27KB) attribute values
      (ITS#8003) (LP: #1461276)
    - nssov updated to support recent nss-pam-ldapd client libraries
      (ITS#8097) (LP: #1393306)
  * Update d/patches/nssov-build for upstream changes.
  * Tweak d/patches/gssapi.diff to apply without fuzz.
  * d/libldap-2.4-2.symbols: Add symbols not present in Debian.
    - CLDAP (UDP) was added in 2.4.17-1ubuntu2
    - GSSAPI support was enabled in 2.4.18-0ubuntu2

 -- Ryan Tandy <email address hidden> Fri, 24 Jul 2015 14:12:06 -0700

Changed in openldap (Ubuntu):
status: New → Fix Released