[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5445) syncprov double-free bugfix.

To: openldap-its@OpenLDAP.org
Subject: (ITS#5445) syncprov double-free bugfix.
From: rein@basefarm.no
Date: Mon, 31 Mar 2008 14:19:37 GMT

Full_Name: Rein Tollevik
Version: CVS head
OS: linux and solaris
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.93.160.250)


The patch at the end adds missing parenthesis around a negated flags bit test in
syncprov.c.  Without them the test always fails, the entry is never duplicated
and a double-free occur when the a_nvals is free'ed in the next statement if the
same entry is sent to more than one recipient simultaneously.

Rein Tollevik
Basefarm AS

Index: OpenLDAP/servers/slapd/overlays/syncprov.c
diff -u OpenLDAP/servers/slapd/overlays/syncprov.c:1.9
OpenLDAP/servers/slapd/overlays/syncprov.c:1.10
--- OpenLDAP/servers/slapd/overlays/syncprov.c:1.9	Sun Mar 23 14:06:03 2008
+++ OpenLDAP/servers/slapd/overlays/syncprov.c	Mon Mar 31 15:43:31 2008
@@ -2385,7 +2385,7 @@
 				}
 
 				if ( !ap ) {
-					if ( !rs->sr_flags & REP_ENTRY_MODIFIABLE ) {
+					if ( !(rs->sr_flags & REP_ENTRY_MODIFIABLE) ) {
 						rs->sr_entry = entry_dup( rs->sr_entry );
 						rs->sr_flags |=
 							REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED;

Prev by Date: (ITS#5444) slapd seg. fault using mulitmirrored mode
Next by Date: Re: (ITS#5444) slapd seg. fault using mulitmirrored mode
Index(es):
- Chronological
- Thread