[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6752) slapo-dynlist issues

Full_Name: Hallvard B Furuseth
Version: 2.4.23
Submission from: (NULL) (
Submitted by: hallvard

Dynlist Compare operation:
- dynlist_compare() can use an entry after it has been released.
  It thinks that clearing rs->sr_entry prevents a search from releasing
  the entry, even after the search completes.  Not so.

  Dynlist mostly worked anyway, I think because dynlist itself follows
  this expectation for entries without REP_ENTRY_MODIFIABLE which it has
  duplicated.  That includes entries it receives directly from back-bdb.

- dynlist_compare() can do needless work: search the same entry several
  times, fetch an entry to search in a backend which does not support
  searching, find authz for an entry which will not be searched.

- dynlist_sc_save_entry() could read rs->sr_entry when rs->sr_type !=
  REP_SEARCH, which means some other part of the union may be in use.

Search operation:
- dynlist_sc_update() did not clear REP_ENTRY_MODIFIABLE when freeing.
- dynlist_prepare_entry() did not honor REP_ENTRY_MUSTRELEASE.

OpenLDAP 2.2/2.3 compatibility code:
- Can be dropped, recent dynlist.c does not compile on these versions.

Fixing.  Simplest Compare fix will ignore errors from
o.o_bd->be_search(), just like dynlist_prepare_entry() does.