[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8064) SIGSEGV in monitor-shutdown code

Full_Name: Leonid Yuriev
Version: 2.4-HEAD
OS: RHEL7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (31.130.36.33)


Monitor-backend shutdown code could call a callback from registered subsystem
after it is already destroyed.

For instance, currently ldap-backend frees its own registered context (lmi_mss
from ldap_monitor_info_t) before than monitor_back_db_destroy() will be called.

Therefore SIGSEGV would be occur on monitor shutdown if any ldap-backend
database is configured and such freed context will be overwrited.

This bug could be reproduced by a filling-memory-with-non-zero before calling
free() from glibc.