The global variable objectSize in objcetImpl.c is not used thread save. It is used for a hack, where objects are used within string buffers.
This bug affects at least parallel invoke method calls within one provider process. But there may be more situations.
How to reproduce:
Run multiple Indication Providers that fire inidcations rapidly in parallel. The bug will produce a segfault in the InteropProvider Process when _deliver is invoked.
Solution:
Do not pass the objectSize with a global variable. Instead change the method signatures.
Please see the attached patch, that introduces a new argument length to the addClString and replaceClString methods. The methods are renamed to avoid conflicts with calls to the original methods.
Patch of objectImpl.c
committed to CVS HEAD and git master
This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 60 days (the time period specified by
the administrator of this Tracker).