| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
The config parameter is dereferenced before checking if it is NULL
early in memberof_modop_one_replace_r(). Later in the function,
we first check if config is NULL before dereferencing it. We
should check if config is NULL at the beginning of the function
and bail out before we dereference it.
|
| |
|
|
|
|
|
| |
At the end of the for loop, be will be NULL if we never find a
valid be->be_usn_counter. This will cause us to dereference a
NULL pointer at the next if statement after the for loop. We
need to check if be is NULL before dereferencing it.
|
| |
|
|
|
|
|
|
| |
If the attr parameter that is passed to my_ber_scanf_attr() is
NULL, we jump to the loser label where we clean up memory we may
have allocated. We dereference attr without first checking if it
is NULL in this clean-up code. We need to check if attr is NULL
before dereferencing it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Coverity believes that search_result_pb can be NULL since we check
if it is NULL before freeing the internal search results. If this
was true, there would be a NULL dereference issue when we call
slapi_pblock_get(). We are guaranteed that search_result_pb is
non-NULL after slapi_pblock_new() is called since the server would
exit if it was unable to allocate memory.
We should remove the NULL check before freeing the internal search
results.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If we fail to fetch the postop entry for a modrdn operation in the
Managed Entry Plug-in, we end up passing a NULL pointer to
slapi_entry_attr_get_charptr(). This function dereferences the
entry without checking if it is NULL first. The mep_modrdn_post_op()
function should just return if we are unable to fetch the postop
entry.
I believe that this issue could trigger a crash when chain-on-update
is configured and a modrdn operation is chained. There is no postop
entry in this case.
|
| |
|
|
|
|
|
|
| |
It is not necessary to check if config_entry->types is NULL since
it is guaranteed to be non-NULL by dna_parse_config_entry() when
it creates config_entry. Coverity thinks that a NULL derefence is
possible since we are checking if config_entry->types is NULL. We
should remove this NULL check.
|
| |
|
|
|
|
| |
When parsing a URL without a host or port present, we can
dereference a NULL pointer. We need to check if hostport is NULL
before dereferencing it.
|
| |
|
|
|
|
| |
We need to check if ruv is NULL before dereferencing it. The
assertion will not help us here in an optimized build, so an
explicit NULL check will keep us from crashing.
|
| |
|
|
|
| |
The tmpDn pointer is deferenced before checking if it is NULL. We
need to check if it is NULL first.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=633168
Description:
* cl5_api.c, cl5_api.h
- fetches dbEnv from backend using slapi_back_get_info.
- unused macros and DB helper functions and APIs are removed.
* cl5_config.c
- local changelog DB related config parameters are removed.
* Added SLAPI_PLUGIN_BE_PRE_CLOSE_FN and SLAPI_PLUGIN_BE_POST_OPEN_FN to
close changelog DB before dbEnv is closed and to open changelog DB after
dbEnv is opened, respectively.
* Added slapi APIs slapi_back_get_info and slapi_back_set_info to get/set
the backend info.
* back-ldbm
- db2bak[.pl] and bak2db[.pl] backs up and restores the database files
including changelog db.
- changelog dir is backed up in <backupdir>/.repl_changelog_backup.
- underlying implementation ldbm_back_get_info for slapi_back_get_info
is added.
* Added an upgrade script 81changelog.pl
See also:
http://directory.fedoraproject.org/wiki/Move_changelog
|
| |
|
|
|
|
|
| |
Object ro is freed in objset_next_obj and next object is returned
if any. After ro is released, it was used to get agreement data.
This patch moves the location of objset_next_obj after the agreement
data is retrieved.
|
| |
|
|
|
|
|
|
| |
There is no chance for local_newentry to be anything other than NULL
when we check it in the call to slapi_log_error() since the check only
happens after we're verified that newparent and local_origsdn are not NULL.
Since we are guaranteed that local_newentry is NULL, we can just eliminate
this check and use the string "local entry" in the message that we print.
|
| |
|
|
|
|
|
|
|
|
|
| |
There is no chance for op_string to be NULL if "rc == LDAP_SUCCESS"
since op_string is set for all operation types in the switch statement,
which is the only place that rc can be set to something other that the
value of -1 that it is initialized to.
We can just skip the NULL checking for op_string in the calls to
slapi_log_error(). I also fixed the indentation to help me read
the code easier.
|
| |
|
|
|
|
|
|
|
| |
We need to remove the last "if (dnParts)" condition since it will
never be true.
The last frees of newDN, sval, and newvalue are also unnecessary
since they are only set in the non subtree rename case, where they
are already freed as well.
|
| |
|
|
|
|
|
| |
We were not checking the return value of ber_scanf in the DNA
plug-in when parsing the range transfer response. This checks
the return value and sets the return code to LDAP_PROTOCOL_ERROR
if we were unable to parse the range transfer response.
|
| |
|
|
|
|
|
|
|
| |
We were not checking the return value of ldap_parse_result in the
windows_check_user_password() function. The old code was a bit
unclear about setting rc when we encountered errors from
ldap_result(). It also was calling ldap_parse_result() even if
ldap_result() encountered an error. I fixed this code to be a
bit more straightforward.
|
| |
|
|
|
|
|
|
|
|
|
| |
The refint plug-in code currently looks as if it could use the
search_result variable when it is uninitialized. I don't believe
that this is possible since it would require the filter variable
to be NULL, which should not occur since slapi_ch_smprintf() would
make the process exit if it failed to allocate memory. Even so,
the correct thing to do from a code cleanliness standpoint is to
move all code that assumes we performed a search into the "if (filter)"
block.
|
| |
|
|
|
|
|
| |
When using slapi_mods_init_byref/get_ldapmods_byref, the slapi_mods code
expects the Slapi_Mods to be read-only. Since the usn code adds a mod
to the list, it needs to use the slapi_mods_init_passin/get_ldapmods_passout
APIs. This avoids an assertion when using --enable-debug.
|
| |
|
|
|
|
|
|
|
| |
This commit fixes many compiler warnings, mostly for things like unused
variables, functions, goto labels.
One place was using csngen_free instead of csn_free. A couple of places
were using casts incorrectly, and several places needed some casts added.
Tested on: RHEL5 x86_64, Fedora 14 x86_64
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
|
| |
instead of changing the logic to catch matched_val == NULL, make the code
work like it does in earlier releases, but add an explicit check for
matched_val == NULL to avoid using it.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The DS has some problems with the openldap versions of these functions:
1) They are deprecated - should use the str2[r]dn and [r]dn2str and the
bv versions of those functions instead
2) They escape utf-8 and other values in the strings - the mozldap functions
do not do this
3) They handle double quoted strings, but they remove the quotes - our
code expects the quotes to be left in place
Until we fix our DN handling, and get rid of the double quoted DNs, we just
use the mozldap versions of these functions.
|
| |
|
|
|
|
| |
rawdn may be normalized in place - if we add back the '?' to the URL
before we construct the new URL with the normalized DN, we will create
a bogus URL string - so delay that until we construct the new URL
|
| |
|
|
|
| |
I missed a couple of places in the acl code that should use
slapi_ldap_url_parse - I also added some more debugging
|
| |
|
|
|
|
| |
The logic looking for a missing suffix DN in a parsed URL was incorrect.
In addition, since passthru requires a suffix DN, pass the require_dn
flag.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Added proxy auth control creation - mozldap has a function to do that but
not openldap
Do not use mozldap filter create function - just create one using
slapi_smprintf
Fix usage of TLS/SSL with new NSS functionality
Created ldif parse wrapper - changed code to use it
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=531642
Resolves: 531642
Fix description:
1. Introduced a config parameter nsslapd-entryusn-global: on|off to
enable | disable the global mode. By default, off.
In the global mode, search on root dse returns "lastusn: <num>"
without the backend subtype (e.g., "lastusn;userroot: <num>")
2. Added slapi_get_next_suffix_ext to mapping_tree.c, which visits
children as well as siblings in the mapping tree.
(Note: slapi_get_next_suffix does just siblings.)
3. import (ldif2db) adds "entryusn: 0" to every entry unless the
entry already contains the entryusn attribute.
4. ldbm_back_delete, ldbm_back_modify, ldbm_back_modrdn: set
ldap_result_code to pblock so that bepost plugin could see if
the operation was successful or not.
See also http://directory.fedoraproject.org/wiki/Entry_USN#Global_mode
|
| |
|
|
|
|
|
|
|
|
| |
This patch allows multiple memberOfGroupAttr values to be set in the
memberOf plug-in config. This allows different grouping attributes
to be used.
For more details, see the design doc:
http://directory.fedoraproject.org/wiki/MemberOf_Multiple_Grouping_Enhancements
|
| |
|
|
|
| |
the name "dn" is being deprecated - the standard attribute name is
"distinguishedName" - ger should support both of these
|
| |
|
|
| |
(ldap/servers/plugins/replication/repl5_agmt.c)
|
| |
|
|
|
|
| |
The postal_validate() function cannot accept an empty string as a valid
value of postalAddress syntax. In addition, we were not properly checking
a value which did not contain a '$' character.
|
| |
|
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in ruv_get_replica_generation().
Note: committing the fix on behalf of Endi (edewata@redhat.com).
|
| |
|
|
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in cos_cache_add_defn().
Note: committing the fix on behalf of Endi (edewata@redhat.com).
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
description: Catch possible NULL pointer in roles_cache_update() and roles_is_entry_member_of_object_ext().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in age_str2time().
|
| |
|
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in map_dn_values(), map_entry_dn_outbound(),
and windows_generate_update_mods().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in windows_search_entry_ext().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in replica_new_from_entry() and _replica_configure_ruv().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in sendGetReq(), sendPostReq(), and parseAtPath().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in print_access_control_summary().
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in my_ber_scanf_value() and my_ber_scanf_attr().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in:
- cl5CreateReplayIteratorEx()
- cl5CreateReplayIterator()
- _cl5GetRUV2Purge2()
- _cl5GetOperation()
- _cl5PositionCursorForReplay()
- _cl5NewDBFile()
|
| |
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in acl_match_macro_in_target().
|
| |
|
|
|
|
|
|
|
|
| |
11940 - 12166
https://bugzilla.redhat.com/show_bug.cgi?id=611790
Resolves: bug 611790
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Fix description: Catch possible NULL pointer in acllas_replace_attr_macro().
coverity ID: 11961
|
| |
|
|
|
|
|
|
|
|
| |
11846 - 11891
https://bugzilla.redhat.com/show_bug.cgi?id=614511
Resolves: bug 614511
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
description: Catch possible NULL pointer in collation_indexer_create().
coverity ID: 11873
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Fix description: Catch possible NULL pointer in value_cmp().
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Fix description: Catch possible NULL pointer in statechange_post_op().
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Fix description: Catch possible NULL pointer in roles_cache_change_notify().
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Fix description: Catch possible NULL pointer in write_replog_db().
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Fix description: Catch possible NULL pointer in windows_acquire_replica().
|
