From 639243552cc77fae21b861061492dc3e40187b82 Mon Sep 17 00:00:00 2001 From: Firstyear Date: Thu, 21 Jan 2021 10:12:57 +1000 Subject: [PATCH] Issue 4506 - BUG - fix oob alloc for fds (#4555) Bug Description: during review it was requested that a piece of code be changed which seemed quite innocent. The code was moved but the logic around the code wasn't considered causing the fd array for the accept thread to be allocated with a size of zero, causing the values to be lost. Fix Description: Move the allocation to the correct location. fixes: https://github.com/389ds/389-ds-base/issues/4506 Author: William Brown Review by: @mreynolds389 @droideck --- ldap/servers/slapd/daemon.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 55e10c5f7b..463ae33a6f 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -83,6 +83,7 @@ static int writesignalpipe = SLAPD_INVALID_SOCKET; static int readsignalpipe = SLAPD_INVALID_SOCKET; #define FDS_SIGNAL_PIPE 0 +static PRThread *accept_thread_p = NULL; static PRThread *disk_thread_p = NULL; static PRCondVar *diskmon_cvar = NULL; static PRLock *diskmon_mutex = NULL; @@ -1300,9 +1301,7 @@ setup_pr_accept_pds(PRFileDesc **n_tcps, PRFileDesc **s_tcps, PRFileDesc **i_uni LBER_SOCKET socketdesc = SLAPD_INVALID_SOCKET; PRIntn count = 0; size_t n_listeners = 0; - struct POLL_STRUCT *myfds = (struct POLL_STRUCT *)slapi_ch_calloc(1, (count + 1) * sizeof(struct POLL_STRUCT)); - /* Setup the return ptr */ - *fds = myfds; + struct POLL_STRUCT *myfds = NULL; /* How many fds do we have? */ if (n_tcps != NULL) { @@ -1320,6 +1319,10 @@ setup_pr_accept_pds(PRFileDesc **n_tcps, PRFileDesc **s_tcps, PRFileDesc **i_uni } #endif + /* Setup the return ptr and alloc the struct */ + myfds = (struct POLL_STRUCT *)slapi_ch_calloc(1, (count + 1) * sizeof(struct POLL_STRUCT)); + *fds = myfds; + /* Reset count. */ count = 0;