ITS#9045 Do not share cn=config entries with outside code (!577) · Merge requests · openldap / OpenLDAP

Ondřej Kuzník requested to merge ondra/openldap:its9045 into master Oct 26, 2022

config_back_entry_get currently returns the entry directly without securing the rwlock, which is unsafe. However we can't keep holding it on return in case the caller decides to hold onto the entry indefinitely, hence rlock+entry_dup+runlock.

ITS#9045 Do not share cn=config entries with outside code

Merge request reports