30 Sep
2013
30 Sep
'13
3:18 p.m.
Full_Name: Emily Backes Version: RE24/HEAD OS: any URL: Submission from: (NULL) (98.155.30.248)
libldap has a lock ordering problem in do_abandon in libldap/abandon.c; do_abandon always runs in locked req_mutex context, but one of the cases acquires conn_mutex for the ldap_free_connection() call.
The function is always called with that mutex held, but has several non-local exits and other difficulties with refactoring the problem away, so the clearest solutions seems to be dropping and retrieving the req_mutex while messing with the conn_mutex.
Patch incoming.