[Date Prev][Date Next]
(ITS#6752) slapo-dynlist issues
Full_Name: Hallvard B Furuseth
Submission from: (NULL) (220.127.116.11)
Submitted by: hallvard
Dynlist Compare operation:
- dynlist_compare() can use an entry after it has been released.
It thinks that clearing rs->sr_entry prevents a search from releasing
the entry, even after the search completes. Not so.
Dynlist mostly worked anyway, I think because dynlist itself follows
this expectation for entries without REP_ENTRY_MODIFIABLE which it has
duplicated. That includes entries it receives directly from back-bdb.
- dynlist_compare() can do needless work: search the same entry several
times, fetch an entry to search in a backend which does not support
searching, find authz for an entry which will not be searched.
- dynlist_sc_save_entry() could read rs->sr_entry when rs->sr_type !=
REP_SEARCH, which means some other part of the union may be in use.
- dynlist_sc_update() did not clear REP_ENTRY_MODIFIABLE when freeing.
- dynlist_prepare_entry() did not honor REP_ENTRY_MUSTRELEASE.
OpenLDAP 2.2/2.3 compatibility code:
- Can be dropped, recent dynlist.c does not compile on these versions.
Fixing. Simplest Compare fix will ignore errors from
o.o_bd->be_search(), just like dynlist_prepare_entry() does.