074e13d Bug 797946 - crash when simple paged fails to send entry to client

Authored and Committed by nhosoi 12 years ago
    Bug 797946 - crash when simple paged fails to send entry to client
    
    https://bugzilla.redhat.com/show_bug.cgi?id=797946
    Resolves: bug 797946
    Clone of: bug 751645
    Bug Description: crash when simple paged fails to send entry to client
    Reviewed by: nkinder,nhosoi (Thanks!)
    Branch: master
    Fix Description: The crash happens when the server is sending back the paged
    result entry responses to the client and there is a problem with the
    connection, e.g. the client closes the socket while the server is doing the
    PR_Send/PR_Write on the client socket.  If the reader thread in
    connection_read_operation() sees the close first, it will call
    disconnect_server() to disconnect the socket and clean up the pagedresult
    structure back_search_result_set in the Connection*.  The problem with this
    is that it leaves a dangling reference to the pagedresult structures in the
    writer thread in ldbm_back_next_search_entry_ext.  When that code sees the
    error from the write, it will also attempt to free the search result, and
    will get an invalid or double free error.  The solution is to not do the
    pagedresults_cleanup in disconnect_server(), but instead allow the writer
    thread to do the cleanup safely.  The connection_cleanup() function will
    call pagedresults_cleanup() to avoid any memory leaks.  The only thing the
    disconnect_server() function needs to do is to reset the c_timelimit to
    avoid the "slapd stops responding" and "simple paged results timeout"
    problems.
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no
    (cherry picked from commit 55106fe77d2c834b0ba866d440bb8ce08c1d01ff)
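
The ownership rule described in the fix, as an added C example that is not part of the commit or the 389 Directory Server source: the disconnect path only resets the time limit, and the result set is released through one idempotent cleanup function that detaches the pointer under the connection lock. All type and function names, the time limit values, and the sequential replay of the two threads' steps are assumptions made for illustration.

```c
#include <pthread.h>
#include <stdlib.h>
/* Hypothetical stand-ins, not the 389 Directory Server structures. */
typedef struct { int entries_left; } result_set;
typedef struct {
    pthread_mutex_t lock;
    result_set *search_result;    /* paged result state held on the connection */
    int timelimit, closed, frees; /* frees: demo counter of real frees */
} conn;
/* Single release point: detach the pointer under the lock, free it once. */
static void paged_cleanup(conn *c) {
    pthread_mutex_lock(&c->lock);
    result_set *rs = c->search_result;
    c->search_result = NULL;
    if (rs) c->frees++;
    pthread_mutex_unlock(&c->lock);
    free(rs);                     /* free(NULL) is a no-op on repeat calls */
}

/* Reader path: sees the close first, resets the time limit, frees nothing. */
static void disconnect(conn *c) {
    pthread_mutex_lock(&c->lock);
    c->closed = 1;
    c->timelimit = 0;             /* constructed "reset" value */
    pthread_mutex_unlock(&c->lock);
}

/* Writer path: a failed send makes the writer release the result set. */
static int send_next_entry(conn *c) {
    pthread_mutex_lock(&c->lock);
    int ok = !c->closed && c->search_result && c->search_result->entries_left > 0;
    if (ok) c->search_result->entries_left--;
    pthread_mutex_unlock(&c->lock);
    if (!ok) paged_cleanup(c);
    return ok ? 0 : -1;
}

/* Replays the interleaving from the commit message; returns the free count. */
static int replay_close_during_send(void) {
    conn c = { PTHREAD_MUTEX_INITIALIZER, calloc(1, sizeof(result_set)), 60, 0, 0 };
    if (c.search_result) c.search_result->entries_left = 3;
    int first = send_next_entry(&c);   /* one entry goes out */
    disconnect(&c);                    /* client closes, reader notices */
    int second = send_next_entry(&c);  /* write fails, writer cleans up */
    paged_cleanup(&c);                 /* connection cleanup: nothing left */
    return (first == 0 && second == -1 && !c.search_result) ? c.frees : -1;
}

int main(void) { return replay_close_during_send() == 1 ? 0 : 1; }
```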