Full_Name: Rein Tollevik Version: CVS head OS: linux and solaris URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (81.93.160.250)
The patch at the end adds missing parenthesis around a negated flags bit test in syncprov.c. Without them the test always fails, the entry is never duplicated and a double-free occur when the a_nvals is free'ed in the next statement if the same entry is sent to more than one recipient simultaneously.
Rein Tollevik Basefarm AS
Index: OpenLDAP/servers/slapd/overlays/syncprov.c diff -u OpenLDAP/servers/slapd/overlays/syncprov.c:1.9 OpenLDAP/servers/slapd/overlays/syncprov.c:1.10 --- OpenLDAP/servers/slapd/overlays/syncprov.c:1.9 Sun Mar 23 14:06:03 2008 +++ OpenLDAP/servers/slapd/overlays/syncprov.c Mon Mar 31 15:43:31 2008 @@ -2385,7 +2385,7 @@ }
if ( !ap ) { - if ( !rs->sr_flags & REP_ENTRY_MODIFIABLE ) { + if ( !(rs->sr_flags & REP_ENTRY_MODIFIABLE) ) { rs->sr_entry = entry_dup( rs->sr_entry ); rs->sr_flags |= REP_ENTRY_MODIFIABLE|REP_ENTRY_MUSTBEFREED;