The Samba-Bugzilla – Bug 12904
LDB locking patches trigger invalid read
Last modified: 2017-08-11 08:19:48 UTC
Right now, giving an invalid control in ldbsearch triggers panics. This appears to be due to ldb_module_done triggering the unlock case twice (once with DONE, and once with error + DONE).
This appears to be due to dsdb_next_callback failing to set the DONE flag on the handle. This means that the ldb_next_request code will forcibly call done as soon as any module omits it. The locking callback appears to be the only case which is not currently idempotent.
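A simplified C model of the double completion described in the report above, added here as an illustration and not taken from Samba or the attached patches. All names (`struct request`, `unlock_callback`, `forwarding_callback`, `next_request`, `mark_done`) are hypothetical stand-ins, and the order in which the two completions occur is an assumption.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the report; every name is hypothetical, not ldb's own. */
struct request {
    bool done_called;  /* DONE flag on the handle */
    int lock_depth;    /* read locks held for this search */
};

/* Locking callback: releases the read lock on completion. Not idempotent. */
static void unlock_callback(struct request *req) { req->lock_depth--; }

/* Normal completion path: mark the handle done, then run the callback. */
static void module_done(struct request *req)
{
    req->done_called = true;
    unlock_callback(req);
}

/* Forwards a lower module's error + DONE; mark_done=false models the omission. */
static void forwarding_callback(struct request *req, bool mark_done)
{
    if (mark_done)
        req->done_called = true;
    unlock_callback(req);
}

/* Dispatcher: a lower module rejects the request; an unmarked handle is forced done. */
static void next_request(struct request *req, bool mark_done)
{
    forwarding_callback(req, mark_done);
    if (!req->done_called)
        module_done(req);
}

/* One failing search that starts holding one lock; returns the final depth. */
int run_failing_search(bool mark_done)
{
    struct request req = { false, 1 };
    next_request(&req, mark_done);
    return req.lock_depth;   /* 0 = balanced, -1 = unlocked twice */
}

int main(void)
{
    printf("flag omitted: depth %d\n", run_failing_search(false));
    printf("flag set:     depth %d\n", run_failing_search(true));
    return 0;
}
```
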
Created attachment 13441
possible patch for master
Created attachment 13443
patch cherry-picked from master for 4.7 (only)
Pushed to autobuild-v4-7-test.
(In reply to Karolin Seeger from comment #3)
Pushed to v4-7-test.
Closing out bug report.