------=_20130709125114_66017
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
I have traced the fault into the syncrepl overlay, specifically it passes
a static global variable to be_search(). If a plugin is configured,
slapi_op_search_callback() is called, which then attempts to free the
static global search variable passed to be_search(), causing a crash.
The attached patch fixes the problem on my test system.
------=_20130709125114_66017
Content-Type: text/x-patch; name="openldap_syncprov_plugin_crash_fix.diff"
Content-Transfer-Encoding: 8bit
Content-Disposition: attachment;
filename="openldap_syncprov_plugin_crash_fix.diff"
--- servers/slapd/overlays/syncprov.c
+++ servers/slapd/overlays/syncprov.c
@@ -460,7 +460,13 @@
fop.ors_attrs = slap_anlist_no_attrs;
fop.ors_attrsonly = 1;
fop.ors_filter = &generic_filter;
- fop.ors_filterstr = generic_filterstr;
+
+ // If any plugins are enabled, slapi_overlay will attempt to
free the provided filter string in slapi_op_search_callback, causing a crash
+ // Therefore, allocate a copy of generic_filterstr for use by
be_search()
+ struct berval filterstr;
+ filterstr.bv_len = generic_filterstr.bv_len;
+ filterstr.bv_val = op->o_tmpalloc(generic_filterstr.bv_len + 1,
op->o_tmpmemctx);
+ memcpy(filterstr.bv_val, generic_filterstr.bv_val,
generic_filterstr.bv_len + 1);
rc = fop.o_bd->be_search( &fop, &frs );
} else {
------=_20130709125114_66017--
