Bug ID 442699: APD process may leak memory in case password complexity check is enabled and user's displayName contains special chars

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.4.1 HF4, 11.4.0 HF6, 11.3.0 HF9

Opened: Jan 13, 2014
Severity: 3-Major
Related Article:
K15658

Symptoms

If "Complexity check for Password Reset" option is enabled in an Active Directory (AD) agent, then the APD process may throw an exception in some conditions. That will cause APD to leak memory.

Impact

memory leak in APD process

Conditions

"Complexity check for Password Reset" option is enabled user's displayName attribute contains special characters (e.g. "(" ")" "{" or any other). password change is requested during user's logon process

Workaround

disable password complexity check if displayName contains special characters

Fix Information

after fix, AD module handles displayName properly even if it contains special characters, exception doesn't happen. AD module is exception safe, even if exception happens in any other situation, APD doesn't leak memory in AD module code.

Behavior Change