[Freeipa-devel] [PATCH 101] Fix error handling in ldap_entry_create()

Adam Tkac atkac at redhat.com
Thu Dec 13 14:17:53 UTC 2012 

On Thu, Nov 22, 2012 at 09:56:12AM +0100, Petr Spacek wrote:
> Hello,
> 
> apparently I was very tired yesterday ... Cleaned version of the
> patch is attached.
> 
> Petr^2 Spacek
> 
> On 11/21/2012 05:04 PM, Petr Spacek wrote:
> >Hello,
> >
> >fixed fix is attached. Clang found bug in the fix but I didn't notice that
> >because of other warnings ...
> >
> >On 11/21/2012 04:04 PM, Petr Spacek wrote:
> >>Hello,
> >>
> >>I noticed this problem during investigation of dead code found by Clang.
> >>
> >>     Fix error handling in ldap_entry_create().
> >>
> >>     Jump to cleanup section after first memory allocation created memory leak
> >>     which crashed BIND on reload.
> >>
> >>     Missing return value check after ldap_get_dn() call can lead to crash.

Ack

> From eddb9db446610e79e4852b15cb2be420090364b7 Mon Sep 17 00:00:00 2001
> From: Petr Spacek <pspacek at redhat.com>
> Date: Wed, 21 Nov 2012 15:53:28 +0100
> Subject: [PATCH] Fix error handling in ldap_entry_create().
> 
> Jump to cleanup section after first memory allocation created memory leak
> which crashed BIND on reload.
> 
> Missing return value check after ldap_get_dn() call can lead to crash.
> 
> Signed-off-by: Petr Spacek <pspacek at redhat.com>
> ---
>  src/ldap_entry.c | 26 ++++++++++++++++----------
>  1 file changed, 16 insertions(+), 10 deletions(-)
> 
> diff --git a/src/ldap_entry.c b/src/ldap_entry.c
> index 9436b895913b2eb1a711d9343e43e695ea7e6ae4..7d8b29bd0f1206df6b4fcdcdb08c4c9e82630527 100644
> --- a/src/ldap_entry.c
> +++ b/src/ldap_entry.c
> @@ -183,9 +183,9 @@ ldap_entry_create(isc_mem_t *mctx, LDAP *ld, LDAPMessage *ldap_entry,
>                    ldap_entry_t **entryp)
>  {
>  	isc_result_t result;
> -	ldap_attribute_t *attr;
> +	ldap_attribute_t *attr = NULL;
>  	char *attribute;
> -	BerElement *ber;
> +	BerElement *ber = NULL;
>  	ldap_entry_t *entry = NULL;
>  
>  	REQUIRE(ld != NULL);
> @@ -213,19 +213,25 @@ ldap_entry_create(isc_mem_t *mctx, LDAP *ld, LDAPMessage *ldap_entry,
>  
>  		APPEND(entry->attrs, attr, link);
>  	}
> +	attr = NULL;
>  
>  	entry->dn = ldap_get_dn(ld, ldap_entry);
> +	if (entry->dn == NULL) {
> +		log_ldap_error(ld);
> +		CLEANUP_WITH(ISC_R_FAILURE);
> +	}
>  
> +	*entryp = entry;
> +
> +cleanup:
>  	if (ber != NULL)
>  		ber_free(ber, 0);
> -
> -	*entryp = entry;
> -
> -	return ISC_R_SUCCESS;
> -
> -cleanup:
> -	if (entry != NULL)
> -		ldap_attributelist_destroy(mctx, &entry->attrs);
> +	if (result != ISC_R_SUCCESS) {
> +		if (entry != NULL)
> +			ldap_attributelist_destroy(mctx, &entry->attrs);
> +		SAFE_MEM_PUT_PTR(mctx, entry);
> +		SAFE_MEM_PUT_PTR(mctx, attr);
> +	}
>  
>  	return result;
>  }
> -- 
> 1.7.11.7
> 

> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel


-- 
Adam Tkac, Red Hat, Inc.

More information about the Freeipa-devel mailing list