389-ds-base

Clone
Source Code
GIT

#49933 Ticket 49932 - Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly
Closed 3 years ago by spichugi. Opened 5 years ago by mreynolds.
mreynolds/389-ds-base ticket49932  into  master

file modified
+2 
@@ -322,6 +322,8 @@ 
 

      if (pb->pb_intop != NULL) {
 

          _pblock_assert_pb_intop(new_pb);
 

          *(new_pb->pb_intop) = *(pb->pb_intop);
 

+         /* set pwdpolicy to NULL so this clone allocates its own policy */
 

+         new_pb->pb_intop->pwdpolicy = NULL;
 

      }
 

      if (pb->pb_intplugin != NULL) {
 

          _pblock_assert_pb_intplugin(new_pb);

Bug Description:

We clone a pblock in a psearch search, and under certain
error conditions this pblock is freed, but it frees the
password policy struct which can lead to a double free
when the original pblock is destroyed.

Fix Description:

During the cloning, set the pwppolicy struct to NULL
so the clone allocates its own policy if needed

https://pagure.io/389-ds-base/issue/49932

Reviewed by: ?

Ack. All I'l say is if you test with ASAN it should sohw you leaks too, and it's also nice to check we aren't leaking anything from the function we modify in these kind of changes. I'm sure you already know this though :)

Ack. All I'l say is if you test with ASAN it should sohw you leaks too, and it's also nice to check we aren't leaking anything from the function we modify in these kind of changes. I'm sure you already know this though :)

ASAN is what we used to get to the bottom of this issue :-p

Thanks!

Ack. All I'l say is if you test with ASAN it should sohw you leaks too, and it's also nice to check we aren't leaking anything from the function we modify in these kind of changes. I'm sure you already know this though :)

ASAN is what we used to get to the bottom of this issue :-p
Thanks!

Forget to mention I did test this fix under ASAN and no issues were reported.

Pull-Request has been merged by mreynolds
5 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This pull request has been cloned to Github as issue and is available here:
- https://github.com/389ds/389-ds-base/issues/2992

If you want to continue to work on the PR, please navigate to the github issue,
download the patch from the attachments and file a new pull request.

Thank you for understanding. We apologize for all inconvenience.

Pull-Request has been closed by spichugi
3 years ago
Metadata
None
No Tags
Changes Summary 1
+2 -0
file changed
ldap/servers/slapd/pblock.c
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.