mmap_cache: Do not remove record from chain twice

It is not very likely, that record will have the same hash1 and hash2, but it
is possible. In this situation, it does not make sense to remove record twice.

Function sss_mc_rm_rec_from_chain was not robust and sssd_nss could crash
in this situation. It was only possible if record was alone in chain.

Resolves:
https://fedorahosted.org/sssd/ticket/2049

1 files changed, 6 insertions, 0 deletions

diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c
index 84570ac20..a22bbd594 100644
--- a/src/responder/nss/nsssrv_mmap_cache.c
+++ b/src/responder/nss/nsssrv_mmap_cache.c
@@ -243,6 +243,12 @@ static void sss_mc_rm_rec_from_chain(struct sss_mc_ctx *mcc,
     }
 
     slot = mcc->hash_table[hash];
+    if (slot == MC_INVALID_VAL) {
+        /* record has already been removed. It may happen if rec->hash1 and
+         * rec->has2 are the same. (It is not very likely).
+         */
+        return;
+    }
     cur = MC_SLOT_TO_PTR(mcc->data_table, slot, struct sss_mc_rec);
     if (cur == rec) {
         /* rec->next can refer to record without matching hashes.