backport http://svn.apache.org/viewvc?view=rev&revision=591488
authorEric Covener <covener@apache.org>
Fri, 16 Nov 2007 14:03:16 +0000 (14:03 +0000)
committerEric Covener <covener@apache.org>
Fri, 16 Nov 2007 14:03:16 +0000 (14:03 +0000)
fix pool misuse around mod_ldap's connection cache; previously pconf
could be used during request processing

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@595664 13f79535-47bb-0310-9956-ffa450edef68

CHANGES
STATUS
modules/ldap/util_ldap.c

diff --git a/CHANGES b/CHANGES
index 31487b8d2b63477c70bbe04558c01020fa1c76dd..cdb86bdb5013e5cbac8ea34fa968b98bd64a73c6 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.2.7
 
+  *) mod_ldap: Stop passing a reference to pconf around for
+     (limited) use during request processing, avoiding possible 
+     memory corruption and crashes.  [Eric Covener]
+
   *) Event MPM: Add support for running under mod_ssl, by reverting to the
      Worker MPM behaviors, when run under an input filter that buffers
      its own data. [Paul Querna]
diff --git a/STATUS b/STATUS
index 1788f96a8994e4427301425891e649a7e96ad484..c45abf445b194a25411811803bb31af9ca3a1d52 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -79,11 +79,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * mod_ldap: Remove pconf usage on request processing threads, create a 
-     subpool of the per-vhost LDAP pool instead of copying a reference to it.
-         http://svn.apache.org/viewvc?view=rev&revision=591488 
-     +1: covener, rpluem, rederpj
-
    * mod_ldap: Don't return references into shared memory to the caller, 
      as these may expire at any time because callers don't hold
      a cache lock
index d6f8c78bc10a8153666864ca46c321fd73f96e4e..1d9195ed68a12db163bc81adc869e50e38d62b83 100644 (file)
@@ -223,7 +223,7 @@ static int uldap_connection_init(request_rec *r,
      * some hosts with ports and some without. All hosts which do not
      * specify a port will use the default port.
      */
-    apr_ldap_init(ldc->pool, &(ldc->ldap),
+    apr_ldap_init(r->pool, &(ldc->ldap),
                   ldc->host,
                   APR_LDAP_SSL == ldc->secure ? LDAPS_PORT : LDAP_PORT,
                   APR_LDAP_NONE,
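Review bot: With `r->pool` now passed to `apr_ldap_init`, whatever the call allocates for `result` presumably lives only until the request ends, while `ldc` is a cached connection that later requests reuse. Any pointer taken from `result` and kept on `ldc` (an error string, for example) would dangle once the request pool is destroyed, so values stored on `ldc` should be copied into `ldc->pool` or treated as request-local. A comment at this call would record the rule: `/* r->pool: result is request-scoped; never keep pointers from it on the cached ldc */`. The same applies to the `apr_ldap_set_option` calls changed in the later hunks of uldap_connection_init, whose body starts and ends outside this hunk.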
@@ -251,7 +251,7 @@ static int uldap_connection_init(request_rec *r,
 
     /* set client certificates */
     if (!apr_is_empty_array(ldc->client_certs)) {
-        apr_ldap_set_option(ldc->pool, ldc->ldap, APR_LDAP_OPT_TLS_CERT,
+        apr_ldap_set_option(r->pool, ldc->ldap, APR_LDAP_OPT_TLS_CERT,
                             ldc->client_certs, &(result));
         if (LDAP_SUCCESS != result->rc) {
             uldap_connection_unbind( ldc );
@@ -262,7 +262,7 @@ static int uldap_connection_init(request_rec *r,
 
     /* switch on SSL/TLS */
     if (APR_LDAP_NONE != ldc->secure) {
-        apr_ldap_set_option(ldc->pool, ldc->ldap,
+        apr_ldap_set_option(r->pool, ldc->ldap,
                             APR_LDAP_OPT_TLS, &ldc->secure, &(result));
         if (LDAP_SUCCESS != result->rc) {
             uldap_connection_unbind( ldc );
@@ -277,7 +277,7 @@ static int uldap_connection_init(request_rec *r,
 
 /*XXX All of the #ifdef's need to be removed once apr-util 1.2 is released */
 #ifdef APR_LDAP_OPT_VERIFY_CERT
-    apr_ldap_set_option(ldc->pool, ldc->ldap,
+    apr_ldap_set_option(r->pool, ldc->ldap,
                         APR_LDAP_OPT_VERIFY_CERT, &(st->verify_svr_cert), &(result));
 #else
 #if defined(LDAPSSL_VERIFY_SERVER)
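Review bot: In the lines visible here, neither the return value nor `result->rc` is checked after setting `APR_LDAP_OPT_VERIFY_CERT`, unlike the `APR_LDAP_OPT_TLS_CERT` and `APR_LDAP_OPT_TLS` calls in the earlier hunks, which unbind on failure. If the option cannot be applied, the connection may carry on without the configured server-certificate verification, which fails open. The `#ifdef` block continues past the end of the hunk, so a check may exist there; if it does not, handle the failure as the TLS option call does, for example `if (LDAP_SUCCESS != result->rc) { uldap_connection_unbind( ldc ); /* fail the init as for APR_LDAP_OPT_TLS */ }`.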
@@ -307,7 +307,7 @@ static int uldap_connection_init(request_rec *r,
     }
 
     if (st->connectionTimeout >= 0) {
-        rc = apr_ldap_set_option(ldc->pool, ldc->ldap, LDAP_OPT_NETWORK_TIMEOUT,
+        rc = apr_ldap_set_option(r->pool, ldc->ldap, LDAP_OPT_NETWORK_TIMEOUT,
                                  (void *)&timeOut, &(result));
         if (APR_SUCCESS != rc) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
@@ -539,11 +539,19 @@ static util_ldap_connection_t *
          */
         /* create the details to the pool in st */
         l = apr_pcalloc(st->pool, sizeof(util_ldap_connection_t));
+        if (apr_pool_create(&l->pool, st->pool) != APR_SUCCESS) { 
+            ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r,
+                          "util_ldap: Failed to create memory pool");
+#if APR_HAS_THREADS
+            apr_thread_mutex_unlock(st->mutex);
+#endif
+            return NULL;
+    
+        }
 #if APR_HAS_THREADS
         apr_thread_mutex_create(&l->lock, APR_THREAD_MUTEX_DEFAULT, st->pool);
         apr_thread_mutex_lock(l->lock);
 #endif
-        l->pool = st->pool;
         l->bound = 0;
         l->host = apr_pstrdup(st->pool, host);
         l->port = port;
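Review bot: The added `return NULL;` on subpool failure may be a new failure result for this function, so call sites outside this diff that dereference the returned connection without a check would crash on a request thread. Each caller should test for NULL and fail the request instead. On the same path, the `l` already taken from `st->pool` by `apr_pcalloc` is never reclaimed, because that pool is long-lived. Creating the subpool first avoids this: `apr_pool_t *newpool; if (apr_pool_create(&newpool, st->pool) != APR_SUCCESS) { ... }` and then `l->pool = newpool;` after the allocation. The function starts before this hunk and continues after it.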
@@ -1990,7 +1998,7 @@ static int util_ldap_post_config(apr_pool_t *p, apr_pool_t *plog,
                       0,
                       &(result_err));
     if (APR_SUCCESS == rc) {
-        rc = apr_ldap_set_option(p, NULL, APR_LDAP_OPT_TLS_CERT,
+        rc = apr_ldap_set_option(ptemp, NULL, APR_LDAP_OPT_TLS_CERT,
                                  (void *)st->global_certs, &(result_err));
     }