[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8354) syncprov segv

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8354) syncprov segv
From: hyc@symas.com
Date: Fri, 22 Jan 2016 20:43:56 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Thomas Pressnell wrote:
> Hi,
>
> Looking beyond syncprov.c:2574 o_abandon can be set, however as i
> understand it once the syncop has been added to the si_ops list its
> cleanup will be handled by syncprov_op_abandon, we would just need to
> ensure it has not traversed syncprov_op_abandon before being added to
> the list.
>
> Reading the rest of syncprov_op_search and syncprov_search_response i
> notice that syncprov_search_response does check o_abandon (when
> deciding if to detach the psearch).
>
> In the event of an abandon syncprov_search_response seems to assume
> syncprov_op_abandon will take care of the cleanup of the syncop, which
> it wouldn't if syncprov_op_abandon had already been executed before
> the syncop was added to the si_ops list @~ 2574

OK, thanks. A fix is now in git master. Probably about the same as the one you 
already described, but please test and feedback.
>
> I would then assume the op is freed, but the syncop remains in the
> list to be processed. Once reallocated and the o_abandon field is no
> longer set syncprov_matchops would start to include the syncop in its
> processing hitting potential issues such as this segv.
>
> Let me know if this ties up with how things really work or if i have
> misunderstood something along the way.
>
> Thanks
>
> Tom
>


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: (ITS#8354) syncprov segv
Next by Date: Re: (ITS#8350) lmdb SIGBUS error on full partition and possible double free issue
Index(es):
- Chronological
- Thread