This is an automated email from the git hooks/post-receive script.
lkrispen pushed a commit to branch 389-ds-base-1.3.9 in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.3.9 by this push: new 2c1bd9a fix for 50542 crashes in filter tests 2c1bd9a is described below
commit 2c1bd9a3ca59c71096be2c6574ec14506db778e6 Author: Ludwig Krispenz lkrispen@redhat.com AuthorDate: Tue Aug 20 10:18:22 2019 +0200
fix for 50542 crashes in filter tests
The crash is when a backentry is released, there is a call to CACHE_RETURN and then check and free of a vlv entry. But CACHE_RETURN, under some conditions, can free the backentry - the following check will dereference a NULL entry and crashes
Fix: Reverse the order of freeing vlv entry and returning entry to cache
Note: Viktor did successfully runthe tests, thanks
Reviewed by: ? --- ldap/servers/slapd/back-ldbm/ldbm_search.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c index c8f5719..2ad8f74 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_search.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c @@ -1896,13 +1896,13 @@ ldbm_back_entry_release(Slapi_PBlock *pb, void *backend_info_ptr) slapi_pblock_get(pb, SLAPI_BACKEND, &be); inst = (ldbm_instance *)be->be_instance_info;
- CACHE_RETURN(&inst->inst_cache, (struct backentry **)&backend_info_ptr); - if (((struct backentry *)backend_info_ptr)->ep_vlventry != NULL) { /* This entry was created during a vlv search whose acl check failed. It needs to be * freed here */ slapi_entry_free(((struct backentry *)backend_info_ptr)->ep_vlventry); ((struct backentry *)backend_info_ptr)->ep_vlventry = NULL; } + CACHE_RETURN(&inst->inst_cache, (struct backentry **)&backend_info_ptr); + return 0; }
389-commits@lists.fedoraproject.org