
Re: (ITS#5121) IDL cache issue



Howard Chu wrote:
> ando@sys-net.it wrote:
>> To reproduce:
>>
>> - set idlcache
>>
>> - search one entry, so that the idl gets cached
>>
>> - delete that entry, so that the idl gets cleared - but head/tail don't
>>
>> - search another entry so that it gets cached - head/tail are corrupted
>>
>> I've a fix for this about to come (affects 2.4.5 as well, sigh; not sure
>> about re23).
> 
> Coverity shows this patch has introduced a NULL pointer dereference.
> @@ -364,6 +381,9 @@
>                 ee = bdb->bi_idl_lru_tail;
>                 for ( i = 0; i < 10; i++, ee = eprev ) {
>                         eprev = ee->idl_lru_prev;
> +                       if ( eprev == ee ) {
> +                               eprev = NULL;
> +                       }
>                         if ( ee->idl_flags & CACHE_ENTRY_REFERENCED ) {
>                                 ee->idl_flags ^= CACHE_ENTRY_REFERENCED;
>                                 continue;
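
Review bot: the loop condition is still only `i < 10`, so once the added branch sets `eprev = NULL` the increment `ee = eprev` makes `ee` NULL and the next pass dereferences it at `eprev = ee->idl_lru_prev`. The `continue` taken for a `CACHE_ENTRY_REFERENCED` entry reaches that increment as well, so the dereference does not depend on the entry being purged. Suggest guarding the loop itself, e.g. `for ( i = 0; ee != NULL && i < 10; i++, ee = eprev )`, and adding a short comment that `eprev == ee` marks the last remaining entry in the LRU ring.
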
> 
> What's the purpose of this change

Make sure bi_idl_lru_tail gets set to NULL if purging the cache makes it
empty.  Perhaps it's an overshoot.

> and should you be testing for a NULL
> now in the for loop conditions?

Yes, I realize I should test for ee != NULL in the for loop.

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------