From 37475762febca341e151cc9392eb80f0f4f6d974 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Oct 02 2015 15:56:57 +0000
Subject: Ticket #48192 - Individual abandoned simple paged results request has no chance to be cleaned up


Description: If CONN_FLAG_PAGEDRESULTS_ABANDONED is set to pr_flags,
the search results in the pagedresults handle is supposed to have been
cleaned up.  But when there is a contention, there is a case that it
is reset with the already released search results.  This patch adds an
additional check for abandoned flag in pagedresults_set_search_result.
If the pagedresults handle shows it is abandoned, the search results
is not set to the handle unless it is for cleaning up with NULL.

https://fedorahosted.org/389/ticket/48192

Reviewed by rmeggins@redhat.com (Thanks, Rich!!)

(cherry picked from commit 6e453918e82af6c597390aebf92a8eb3283c3591)
(cherry picked from commit 96b9b6794e0a6bfa0d74c84f6c80131c4f820fa7)
(cherry picked from commit 4a4a7ed06d3271f7337e5fac5f85498dfe79b0db)
(cherry picked from commit fb94767d78e15617101ff8299c724194f0c858ea)

---

diff --git a/ldap/servers/slapd/pagedresults.c b/ldap/servers/slapd/pagedresults.c
index 9e183ec..434e48d 100644
--- a/ldap/servers/slapd/pagedresults.c
+++ b/ldap/servers/slapd/pagedresults.c
@@ -350,7 +350,7 @@ pagedresults_free_one_msgid_nolock( Connection *conn, ber_int_t msgid )
             for (i = 0; i < conn->c_pagedresults.prl_maxlen; i++) {
                 if (conn->c_pagedresults.prl_list[i].pr_msgid == msgid) {
                     PagedResults *prp = conn->c_pagedresults.prl_list + i;
-                    if (prp && prp->pr_current_be &&
+                    if (prp->pr_current_be &&
                         prp->pr_current_be->be_search_results_release &&
                         prp->pr_search_result_set) {
                         prp->pr_current_be->be_search_results_release(&(prp->pr_search_result_set));
@@ -442,7 +442,11 @@ pagedresults_set_search_result(Connection *conn, Operation *op, void *sr,
     if (conn && (index > -1)) {
         if (!locked) PR_Lock(conn->c_mutex);
         if (index < conn->c_pagedresults.prl_maxlen) {
-            conn->c_pagedresults.prl_list[index].pr_search_result_set = sr;
+            PagedResults *prp = conn->c_pagedresults.prl_list + index;
+            if (!(prp->pr_flags & CONN_FLAG_PAGEDRESULTS_ABANDONED) || !sr) {
+                /* If abandoned, don't set the search result unless it is NULL */
+                prp->pr_search_result_set = sr;
+            }
             rc = 0;
         }
         if (!locked) PR_Unlock(conn->c_mutex);