On Mon, Nov 20, 2023 at 12:05 PM Yann Ylavic <ylavic....@gmail.com> wrote: > > On Mon, Nov 20, 2023 at 11:54 AM Graham Leggett via dev > <dev@httpd.apache.org> wrote: > > > > On 20 Nov 2023, at 10:44, Yann Ylavic <ylavic....@gmail.com> wrote: > > > > >> URL: http://svn.apache.org/viewvc?rev=1913962&view=rev > > >> Log: > > >> Apply earlier fix to the ldapsearch case: > > >> > > >> Arrange for backend LDAP connections to be returned > > >> to the pool by a fixup hook rather than staying locked > > >> until the end of (a potentially slow) request. > > > > > > It seems that this commit aligns the checks/setup of ldapsearch with > > > the ones of ldapfilter, but nothing about LDAP connections > > > recycling/reuse? > > > > That’s correct - the recycling/reuse code is being backported separately, > > it all depends on this code. > > > > The end goal is for all trunk changes to be applied to v2.4 and each is > > aligned. > > > > > In ldapfilter_check_authorization() we bail out early if r->user is > > > NULL but not here in ldapsearch_check_authorization(), can't it > > > happen? > > > > In ldapsearch we don’t care about the user, it’s purely whether the filter > > expression being applied in the search returns exactly one result. > > Fine, but if r->user is NULL here we'll segfault (NULL dereference) in > "if (!*r->user)" here.
Probably an unfortunate copy/paste in trunk only (not in your backport patch3), fixed in r1913977. Regards; Yann.
