Howard Chu wrote:
ando@sys-net.it wrote:
To reproduce:
set idlcache
search one entry, so that the idl gets cached
delete that entry, so that the idl gets cleared - but head/tail don't
search another entry so that it gets cached - head/tail are corrupted
I've a fix for this about to come (affects 2.4.5 as well, sigh; not sure about re23).
Coverity shows this patch has introduced a NULL pointer dereference. @@ -364,6 +381,9 @@ ee = bdb->bi_idl_lru_tail; for ( i = 0; i < 10; i++, ee = eprev ) { eprev = ee->idl_lru_prev;
if ( eprev == ee ) {
eprev = NULL;
} if ( ee->idl_flags & CACHE_ENTRY_REFERENCED ) { ee->idl_flags ^= CACHE_ENTRY_REFERENCED; continue;
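Review bot: The loop header `for ( i = 0; i < 10; i++, ee = eprev )` never tests `ee`, so once the new branch sets `eprev = NULL` for the case `eprev == ee`, the increment step assigns `ee = NULL` and the next iteration dereferences it at `eprev = ee->idl_lru_prev;`. The `continue` taken for an entry with CACHE_ENTRY_REFERENCED set reaches that same increment, so a single referenced entry is enough to trigger it. Suggest adding the guard to the loop condition, e.g. `for ( i = 0; ee != NULL && i < 10; i++, ee = eprev )`, which also covers entering the loop when `bdb->bi_idl_lru_tail` is already NULL.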
What's the purpose of this change
Make sure bi_idl_lru_tail gets set to NULL if purging the cache makes it empty. Perhaps it's an overshoot.
and should you be testing for a NULL now in the for loop conditions?
Yes, I realize I should test for ee != NULL in the for loop.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
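The two points raised in this thread (delete must reset head/tail when the list becomes empty, and the purge loop must stop on NULL), shown on a minimal circular LRU list. This is an added example, not code from the original messages or from OpenLDAP; `struct entry`, `struct lru`, `lru_add`, `lru_del` and `lru_purge` are hypothetical names.

```c
#include <stddef.h>

/* Hypothetical stand-ins for a cache entry and the per-database LRU state. */
struct entry { struct entry *prev, *next; int referenced; };
struct lru { struct entry *head, *tail; };

/* Insert at the head of a circular doubly linked list. */
void lru_add(struct lru *l, struct entry *e) {
    if (l->head == NULL) {
        e->prev = e->next = e;          /* a single entry links to itself */
        l->head = l->tail = e;
    } else {
        e->next = l->head;
        e->prev = l->tail;
        l->head->prev = e;
        l->tail->next = e;
        l->head = e;
    }
}

/* Unlink e and keep head/tail consistent, including the last-entry case. */
void lru_del(struct lru *l, struct entry *e) {
    if (e->next == e) {                 /* e was the only entry: list is empty */
        l->head = l->tail = NULL;
    } else {
        e->prev->next = e->next;
        e->next->prev = e->prev;
        if (l->head == e) l->head = e->next;
        if (l->tail == e) l->tail = e->prev;
    }
    e->prev = e->next = NULL;
}

/* Evict up to max unreferenced entries from the tail; returns the count. */
int lru_purge(struct lru *l, int max) {
    int i, freed = 0;
    struct entry *ee = l->tail, *eprev;
    for (i = 0; ee != NULL && i < max; i++, ee = eprev) {
        /* Self-linked prev means ee is the last entry: stop after it. */
        eprev = (ee->prev == ee) ? NULL : ee->prev;
        if (ee->referenced) { ee->referenced = 0; continue; }
        lru_del(l, ee);
        freed++;
    }
    return freed;
}
```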