|
 |
a2f18f |
From 4c275349c72a01803b772717ee29e7ac6f9a903f Mon Sep 17 00:00:00 2001
|
|
|
a2f18f |
From: Mark Reynolds <mreynolds@redhat.com>
|
|
|
a2f18f |
Date: Mon, 20 Jul 2015 14:22:05 -0400
|
|
|
a2f18f |
Subject: [PATCH 29/30] Ticket 48206 - Crash during retro changelog trimming
|
|
|
a2f18f |
|
|
|
a2f18f |
Bug Description: If the retro changelog entry is small, its possible that
|
|
|
a2f18f |
during the trimming the reto changelog entry is not in the
|
|
|
a2f18f |
cache after the trim, but its tries to blindly unlock it
|
|
|
a2f18f |
from the cache, which leads to a crash.
|
|
|
a2f18f |
|
|
|
a2f18f |
FIx Description: After we call the post op plugins and retrieve the entry
|
|
|
a2f18f |
from the cache, double check that it was found. If it
|
|
|
a2f18f |
is not found, do not unlock it.
|
|
|
a2f18f |
|
|
|
a2f18f |
https://fedorahosted.org/389/ticket/48206
|
|
|
a2f18f |
|
|
|
a2f18f |
Reviewed by: nhosoi(Thanks!)
|
|
|
a2f18f |
|
|
|
a2f18f |
(cherry picked from commit 2a8a8c8ced5849dada34ab28d79e87dd3636e413)
|
|
|
a2f18f |
(cherry picked from commit 6d439887b99da557e8d7bc0c611d9afa909fdce7)
|
|
|
a2f18f |
---
|
|
|
a2f18f |
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 27 +++++++++++++++++----------
|
|
|
a2f18f |
1 file changed, 17 insertions(+), 10 deletions(-)
|
|
|
a2f18f |
|
|
|
a2f18f |
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
|
|
|
a2f18f |
index 59c1f76..f31d545 100644
|
|
|
a2f18f |
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
|
|
|
a2f18f |
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
|
|
|
a2f18f |
@@ -1257,17 +1257,24 @@ ldbm_back_delete( Slapi_PBlock *pb )
|
|
|
a2f18f |
CACHE_RETURN(&inst->inst_cache, &e);
|
|
|
a2f18f |
}
|
|
|
a2f18f |
}
|
|
|
a2f18f |
- if (cache_is_in_cache(&inst->inst_cache, e)) {
|
|
|
a2f18f |
- ep_id = e->ep_id; /* Otherwise, e might have been freed. */
|
|
|
a2f18f |
- CACHE_REMOVE(&inst->inst_cache, e);
|
|
|
a2f18f |
- }
|
|
|
a2f18f |
- cache_unlock_entry(&inst->inst_cache, e);
|
|
|
a2f18f |
- CACHE_RETURN(&inst->inst_cache, &e);
|
|
|
a2f18f |
- /*
|
|
|
a2f18f |
- * e is unlocked and no longer in cache.
|
|
|
a2f18f |
- * It could be freed at any moment.
|
|
|
a2f18f |
+
|
|
|
a2f18f |
+ /*
|
|
|
a2f18f |
+ * e could have been replaced by cache_find_id(), recheck if it's NULL
|
|
|
a2f18f |
+ * before trying to unlock it, etc.
|
|
|
a2f18f |
*/
|
|
|
a2f18f |
- e = NULL;
|
|
|
a2f18f |
+ if (e) {
|
|
|
a2f18f |
+ if (cache_is_in_cache(&inst->inst_cache, e)) {
|
|
|
a2f18f |
+ ep_id = e->ep_id; /* Otherwise, e might have been freed. */
|
|
|
a2f18f |
+ CACHE_REMOVE(&inst->inst_cache, e);
|
|
|
a2f18f |
+ }
|
|
|
a2f18f |
+ cache_unlock_entry(&inst->inst_cache, e);
|
|
|
a2f18f |
+ CACHE_RETURN(&inst->inst_cache, &e);
|
|
|
a2f18f |
+ /*
|
|
|
a2f18f |
+ * e is unlocked and no longer in cache.
|
|
|
a2f18f |
+ * It could be freed at any moment.
|
|
|
a2f18f |
+ */
|
|
|
a2f18f |
+ e = NULL;
|
|
|
a2f18f |
+ }
|
|
|
a2f18f |
|
|
|
a2f18f |
if (entryrdn_get_switch() && ep_id) { /* subtree-rename: on */
|
|
|
a2f18f |
/* since the op was successful, delete the tombstone dn from the dn cache */
|
|
|
a2f18f |
--
|
|
|
a2f18f |
1.9.3
|
|
|
a2f18f |
|