8728 – MDB_VL32 bug deleting overflow pages

Issue 8728 - MDB_VL32 bug deleting overflow pages

Summary: MDB_VL32 bug deleting overflow pages

Status:	RESOLVED TEST

Alias:	None

Product:	LMDB
Classification:	Unclassified
Component:	liblmdb (show other issues)
Version:	unspecified
Hardware:	All All

Importance:	--- normal
Target Milestone:	1.0.0
Assignee:	OpenLDAP project

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-09-09 14:07 UTC by Howard Chu
Modified:	2020-03-16 22:51 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description Howard Chu 2017-09-09 14:07:50 UTC

Full_Name: Howard Chu
Version: mdb.master
OS: 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (83.136.45.114)
Submitted by: hyc


The cursor's mc_ovpg pointer must be cleared after freeing a dirty overflow
page, otherwise a use-after-free can occur later.

Comment 1 OpenLDAP project 2017-10-30 15:12:07 UTC

fixed in mdb.master

Comment 2 Howard Chu 2017-10-30 15:12:07 UTC

changed notes
changed state Open to Test
moved from Incoming to Software Bugs