2132875 Ticket #47707 - 389 DS Server crashes and dies while handles paged searches from clients

Authored and Committed by nhosoi 6 years ago
    Ticket #47707 - 389 DS Server crashes and dies while handles paged searches from clients
    
    Bug Description: If a simple paged search request was sent to the server
    and the request was abandoned, the paged result slot in the connection
    table was not properly released by setting NULL to pr_current_be.  Since
    the slot did not look available for the next request even though it was,
    the next request failed to get the valid slot number, and the initial slot
    number -1 failed to be replaced with the real slot number.  Until the fix
    for "Ticket #47623 fix memleak caused by 47347" was made, it overrode the
    allocated array's [-1] location, which usually stores the meta data of the
    allocated memory.  That crashed the server in the next realloc since the
    corrupted memory was passed to the function.
    
    Fix Description: This patch cleans up the abandoned/cleaned up slot for
    reuse.  Also, more check not to break the meta data is added.
    
    Special thanks to German Parente (gparente@redhat.com) for providing the
    reproducer and analysing the crash.
    
    https://fedorahosted.org/389/ticket/47707
    
    Reviewed by rmeggins@redhat.com (Thanks, Rich!)
    
    (cherry picked from commit 087356f7eaff2dff3c0c4f7dfcaa6aacc9979224)