nsswitch/wb_common.c: don't operate on a stale wb_global_ctx.key

If nss_winbind is loaded into a process that uses fork multiple times
without any further calls into nss_winbind, wb_atfork_child handler
was using a wb_global_ctx.key that was no longer registered in the
pthread library, so we operated on a slot that was potentially
reused by other libraries or the main application. Which is likely
to cause memory corruption.

So we better don't call pthread_key_delete() in wb_atfork_child().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Reported-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Tested-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 91b30a7261e6455d3a4f31728c23e4849e3945b9)

diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
index d56e48d9bdb85f5eca5045fb53c6ced3651d52c0..38f9f334016b633c528544c21fff4c6e300d5168 100644 (file)
--- a/nsswitch/wb_common.c
+++ b/nsswitch/wb_common.c
@@ -76,11 +76,6 @@ static void wb_atfork_child(void)
 
        winbind_close_sock(ctx);
        free(ctx);
-
-       ret = pthread_key_delete(wb_global_ctx.key);
-       assert(ret == 0);
-
-       wb_global_ctx.control = (pthread_once_t)PTHREAD_ONCE_INIT;
 }
 
 static void wb_thread_ctx_destructor(void *p)

diff --git a/selftest/knownfail.d/b15464_testcase b/selftest/knownfail.d/b15464_testcase
deleted file mode 100644 (file)
index 94dd7db..0000000
--- a/selftest/knownfail.d/b15464_testcase
+++ /dev/null
@@ -1 +0,0 @@
-^b15464_testcase.run.b15464-testcase