From 5f00c79ac22ecfa846eebd910e7c25d326595f8e Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Fri, 29 Feb 2008 06:55:33 -0800
Subject: [PATCH] Patch to fix the "Invalid read of size 4" errors. Bug #3617.
 Jeremy. (cherry picked from commit fa12667ec284fdda45b79cbf6bf548ab0faae34f)

---
 source/nmbd/nmbd_responserecordsdb.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/source/nmbd/nmbd_responserecordsdb.c b/source/nmbd/nmbd_responserecordsdb.c
index 6498ce04cf3..b042fb41edb 100644
--- a/source/nmbd/nmbd_responserecordsdb.c
+++ b/source/nmbd/nmbd_responserecordsdb.c
@@ -46,6 +46,24 @@ static void add_response_record(struct subnet_record *subrec,
 void remove_response_record(struct subnet_record *subrec,
 				struct response_record *rrec)
 {
+	/* It is possible this can be called twice,
+	   with a rrec pointer that has been freed. So
+	   before we inderect into rrec, search for it
+	   on the responselist first. Bug #3617. JRA. */
+
+	struct response_record *p = NULL;
+
+	for (p = subrec->responselist; p; p = p->next) {
+		if (p == rrec) {
+			break;
+		}
+	}
+
+	if (p == NULL) {
+		/* We didn't find rrec on the list. */
+		return;
+	}
+
 	DLIST_REMOVE(subrec->responselist, rrec);
 
 	if(rrec->userdata) {
-- 
2.11.4.GIT