9f45f62 Ticket 49736 - Hardening of active connection list

1 file Authored by tbordaz 5 years ago, Committed by mreynolds 5 years ago,
    Ticket 49736 - Hardening of active connection list
    
    Bug Description:
    	In case of a bug in the management of the connection refcnt
    	it can happen that there are several attempts to move a connection
    	out of the active list.
    
    	It triggers a crash because when derefencing c->c_prev.
    	c_prev is never NULL on the active list
    
    Fix Description:
    	The fix tests if the connection is already out of the active list.
    	If such case, it just returns.
    
    	A potential issue that is not addressed by this fix is:
    	Thread A and Thread B are using 'c' but c->refcnt=1 (it should be 2)
    	Thread A "closes" 'c', 'c' is move out of active list (free) because of refcnt=0
    	A new connection happens selecting the free connection 'c', moving it to the active list.
    	Thread C is using 'c' from the new connection c->refcnt=1
    	Thread B "closes" 'c', 'c' is moved out of the active list.
    	-> new operation coming on 'c' will not be detected
    	-> Thread C will likely crash when sending result
    
    https://pagure.io/389-ds-base/issue/49736
    
    Reviewed by: Mark Reynolds (thanks!)
    
    Platforms tested: F26
    
    Flag Day: no
    
    Doc impact: no
    
    (cherry picked from commit b0e05806232b781eed3ff102485045a358d7659b)