Hi

I'm developing an overlay that intercepts 'modify' operation on an object's userPassword attribute and passes it away to an external helper daemon. This helper daemon does some operations in many places and also does a modification on the sambe object in openldap database. It means that my 'modify' callback at overlay is called twice: the second time is called before the first one completes. I think this behaviour is addressed quite well.

I'm using OpenLDAP 2.4.21 to develop and test the overlay. The problem is that slapd is getting a segfault within over_op_func() at line 722 (the 'for' statement):

rc = overlay_op_walk( op, rs, which, oi, on ); for ( sc = &op->o_callback; *sc; sc = &(*sc)->sc_next ) { if ( *sc == &cb ) { *sc = cb.sc_next; break; } }

Debugging with gdb over_op_func() arguments, either 'op', 'rs' and 'which' are invalids, pointing to invalid locations.

The problem occur may hours after slapd is started.

Taking a careful looking to overlay, it is doing a few things with op... nothing means it is getting corrupted... It just do:

slap_overinst *on = (slap_overinst *) op->o_bd->bd_info; op->o_bd->bd_info = (BackendInfo *)on->on_info; ret = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e ); op->o_bd->bd_info = (BackendInfo *)on;

... get some attributes with attr_find()....

op->o_bd->bd_info = (BackendInfo *)on->on_info; be_entry_release_r(op, e);

.... send attributes to helper daemon ....

Maybe is happening:

1. op is getting corrupted 2. some function is doing a illegal call to over_op_func()

Is there any advice how can I investigate/address this issue?

I'll submit this overlay to contrib as it gets stable :)

Thanks a lot in advance!!

regards Lucas Brasilino