Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Issue 5218 - double-free of the virtual attribute context in persiste…
…nt search (#5219) description: A search is processed by a worker using a private pblock. If the search is persistent, the worker spawn a thread and kind of duplicate its private pblock so that the spawn thread continue to process the persistent search. Then worker ends the initial search, reinit (free) its private pblock, and returns monitoring the wait_queue. When the persistent search completes, it frees the duplicated pblock. The problem is that private pblock and duplicated pblock are referring to a same structure (pb_vattr_context). That can lead to a double free Fix: When cloning the pblock (slapi_pblock_clone) make sure to transfert the references inside the original (private) pblock to the target (cloned) one That includes pb_vattr_context pointer. Reviewed by: Mark Reynolds, James Chapman, Pierre Rogier (Thanks !) Co-authored-by: Mark Reynolds <mreynolds@redhat.com>
- Loading branch information