From f3cc6db2fc9d04743cbeb147acc41ecdffbdfbf0 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Wed, 3 Jun 2015 12:12:54 -0700
Subject: [PATCH 330/333] Ticket #48149 - ns-slapd double free or corruption
 crash

Description: coverity defect: 2. Defect type: FORWARD_NULL
If mempstat is issued while an online import is running, it'd crash
the server.

https://fedorahosted.org/389/ticket/48149

Reviewed by rmeggins@redhat.com (Thank you, Rich!!)

(cherry picked from commit 608fcdfcd792e351edfc12cf89c2c9c6fc2a56d0)
---
 ldap/servers/slapd/back-ldbm/dblayer.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 031523c..228fdea 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -4769,22 +4769,24 @@ int dblayer_memp_stat_instance(ldbm_instance *inst, DB_MPOOL_STAT **gsp,
 {
     DB_ENV *env = NULL;
     dblayer_private *priv = NULL;
+    struct dblayer_private_env *dblayerenv;
     int rc;
 
     PR_ASSERT(NULL != inst);
 
     if (inst->import_env->dblayer_DB_ENV) {
-        env = inst->import_env->dblayer_DB_ENV;
+        dblayerenv = inst->import_env;
     } else {
         priv = (dblayer_private *)inst->inst_li->li_dblayer_private;
         PR_ASSERT(NULL != priv);
-        env = priv->dblayer_env->dblayer_DB_ENV;
+        dblayerenv = priv->dblayer_env;
     }
+    env = dblayerenv->dblayer_DB_ENV;
     PR_ASSERT(NULL != env);
 
-    slapi_rwlock_wrlock(priv->dblayer_env->dblayer_env_lock);
+    slapi_rwlock_wrlock(dblayerenv->dblayer_env_lock);
     rc = MEMP_STAT(env, gsp, fsp, 0, (void *)slapi_ch_malloc);
-    slapi_rwlock_unlock(priv->dblayer_env->dblayer_env_lock);
+    slapi_rwlock_unlock(dblayerenv->dblayer_env_lock);
     return rc;
 }
 
-- 
1.9.3