repl: Avoid use-after-free when working with the working_schema

The original schema must live as long as the working_schema
as the working_schema starts as a shallow-copy of schema.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11953

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun  7 14:33:39 CEST 2016 on sn-devel-144

diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c
index 6493c1ea49879f0f41f56d1cd3856e9b2d11b01b..64816ad2725ce808a17d53abca47017852837aa1 100644 (file)
--- a/source4/dsdb/repl/drepl_out_helpers.c
+++ b/source4/dsdb/repl/drepl_out_helpers.c
@@ -709,7 +709,7 @@ static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req
                return;
        }
 
-       schema = dsdb_get_schema(service->samdb, NULL);
+       schema = dsdb_get_schema(service->samdb, state);
        if (!schema) {
                DEBUG(0,(__location__ ": Schema is not loaded yet!\n"));
                tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);