diff options
author | Rich Megginson <rmeggins@redhat.com> | 2008-08-27 21:05:30 +0000 |
---|---|---|
committer | Rich Megginson <rmeggins@redhat.com> | 2008-08-27 21:05:30 +0000 |
commit | b6b7f5e4bc4701a9a50f43578dfbc7e1cb300a02 (patch) | |
tree | 730768ebcdd14b2b2481e767da9de13634cef926 | |
parent | b32761a5797fa5efb8ab65ae2d2e0c539357e73c (diff) | |
download | ds-b6b7f5e4bc4701a9a50f43578dfbc7e1cb300a02.tar.gz ds-b6b7f5e4bc4701a9a50f43578dfbc7e1cb300a02.tar.xz ds-b6b7f5e4bc4701a9a50f43578dfbc7e1cb300a02.zip |
Resolves: bug 458510
Bug Description: Memory leak setting password with passwd extop
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: 1) if the given dn is "", that 1 byte will be leaked when the dn is reassigned
to the bind dn - so free it first in that case before reassigning
2) calling slapi_pblock_get with SLAPI_CONN_DN does a strdup, which is
different than most uses of slapi_pblock_get. That memory must be freed. So we free it at the end.
3) If we set the ORIGINAL_TARGET to a dn other than the given dn, we must free
it - grab it and compare it to dn - if not the same, free dn first, then free the original target dn
Platforms tested: RHEL5, Fedora 8
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
-rw-r--r-- | ldap/servers/slapd/passwd_extop.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/ldap/servers/slapd/passwd_extop.c b/ldap/servers/slapd/passwd_extop.c index d5950984..93fdd3b1 100644 --- a/ldap/servers/slapd/passwd_extop.c +++ b/ldap/servers/slapd/passwd_extop.c @@ -431,6 +431,7 @@ passwd_modify_extop( Slapi_PBlock *pb ) char *bindDN = NULL; char *authmethod = NULL; char *dn = NULL; + char *otdn = NULL; char *oldPasswd = NULL; char *newPasswd = NULL; char *errMesg = NULL; @@ -661,6 +662,7 @@ parse_req_done: /* Did they give us a DN ? */ if (dn == NULL || *dn == '\0') { /* Get the DN from the bind identity on this connection */ + slapi_ch_free_string(&dn); dn = slapi_ch_strdup(bindDN); LDAPDebug( LDAP_DEBUG_ANY, "Missing userIdentity in request, using the bind DN instead.\n", @@ -744,13 +746,17 @@ parse_req_done: /* Free anything that we allocated above */ free_and_return: + slapi_ch_free_string(&bindDN); /* slapi_pblock_get SLAPI_CONN_DN does strdup */ slapi_ch_free_string(&oldPasswd); slapi_ch_free_string(&newPasswd); /* Either this is the same pointer that we allocated and set above, * or whoever used it should have freed it and allocated a new * value that we need to free here */ - slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET, &dn ); - slapi_ch_free_string(&dn); + slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET, &otdn ); + if (otdn != dn) { + slapi_ch_free_string(&dn); + } + slapi_ch_free_string(&otdn); slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET, NULL ); slapi_ch_free_string(&authmethod); |