From 3d8e8ed15942374939c95384b5cd03b0162000ad Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 8 Sep 2023 09:56:47 +0200 Subject: [PATCH] nsswitch/wb_common.c: don't operate on a stale wb_global_ctx.key If nss_winbind is loaded into a process that uses fork multiple times without any further calls into nss_winbind, wb_atfork_child handler was using a wb_global_ctx.key that was no longer registered in the pthread library, so we operated on a slot that was potentially reused by other libraries or the main application. Which is likely to cause memory corruption. So we better don't call pthread_key_delete() in wb_atfork_child(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464 Reported-by: Krzysztof Piotr Oledzki Tested-by: Krzysztof Piotr Oledzki Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison (cherry picked from commit 91b30a7261e6455d3a4f31728c23e4849e3945b9) --- nsswitch/wb_common.c | 5 ----- selftest/knownfail.d/b15464_testcase | 1 - 2 files changed, 6 deletions(-) delete mode 100644 selftest/knownfail.d/b15464_testcase diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c index d56e48d9bdb..38f9f334016 100644 --- a/nsswitch/wb_common.c +++ b/nsswitch/wb_common.c @@ -76,11 +76,6 @@ static void wb_atfork_child(void) winbind_close_sock(ctx); free(ctx); - - ret = pthread_key_delete(wb_global_ctx.key); - assert(ret == 0); - - wb_global_ctx.control = (pthread_once_t)PTHREAD_ONCE_INIT; } static void wb_thread_ctx_destructor(void *p) diff --git a/selftest/knownfail.d/b15464_testcase b/selftest/knownfail.d/b15464_testcase deleted file mode 100644 index 94dd7db7c2a..00000000000 --- a/selftest/knownfail.d/b15464_testcase +++ /dev/null @@ -1 +0,0 @@ -^b15464_testcase.run.b15464-testcase