From b36bd703d771d5607debe673cf2e3b7b742fa188 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 15 Oct 2014 11:08:29 +0100
Subject: [PATCH] ITS#7967 fix abandon regression

From ITS#7712, avoid double-free of request
---
 libraries/libldap/abandon.c | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/libraries/libldap/abandon.c b/libraries/libldap/abandon.c
index b28811fa22..478ff20284 100644
--- a/libraries/libldap/abandon.c
+++ b/libraries/libldap/abandon.c
@@ -278,23 +278,29 @@ start_again:;
 	}
 
 	if ( lr != NULL ) {
+		LDAPConn *lc;
+		int freeconn = 0;
 		if ( sendabandon || lr->lr_status == LDAP_REQST_WRITING ) {
-			/* release ld_req_mutex while grabbing ld_conn_mutex to
-			 * prevent deadlock.
-			 */
-			LDAP_MUTEX_UNLOCK( &ld->ld_req_mutex );
-			LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
-			ldap_free_connection( ld, lr->lr_conn, 0, 1 );
-			LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
-			LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
+			freeconn = 1;
+			lc = lr->lr_conn;
 		}
-
 		if ( origid == msgid ) {
 			ldap_free_request( ld, lr );
 
 		} else {
 			lr->lr_abandoned = 1;
 		}
+
+		if ( freeconn ) {
+			/* release ld_req_mutex while grabbing ld_conn_mutex to
+			 * prevent deadlock.
+			 */
+			LDAP_MUTEX_UNLOCK( &ld->ld_req_mutex );
+			LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
+			ldap_free_connection( ld, lc, 0, 1 );
+			LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
+			LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
+		}
 	}
 
 	LDAP_MUTEX_LOCK( &ld->ld_abandon_mutex );