diff options
author | Rich Megginson <rmeggins@redhat.com> | 2008-08-27 21:56:07 +0000 |
---|---|---|
committer | Rich Megginson <rmeggins@redhat.com> | 2008-08-27 21:56:07 +0000 |
commit | 921dcc35ed8f37b5c8d9c899db603af1adff8758 (patch) | |
tree | 0d6231236b08e8062a32b51047b6048572d801c4 | |
parent | 446134bf3bd4d85433738bb257dba18269c32980 (diff) | |
download | ds-921dcc35ed8f37b5c8d9c899db603af1adff8758.tar.gz ds-921dcc35ed8f37b5c8d9c899db603af1adff8758.tar.xz ds-921dcc35ed8f37b5c8d9c899db603af1adff8758.zip |
Resolves: bug 460381FedoraDirSvr_1_1_2_RC_20080828FedoraDirSvr_1_1_2_RC
Bug Description: various valgrind reported startup memory leaks
Reviewed by: nhosoi (Thanks!)
Files: see diff
Branch: HEAD
Fix Description: These memory leaks are not serious, but they do create a lot of noise in
valgrind.
Platforms tested: RHEL5, Fedora 8
Flag Day: no
Doc impact: no
-rw-r--r-- | ldap/servers/slapd/auth.c | 2 | ||||
-rw-r--r-- | ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 7 | ||||
-rw-r--r-- | ldap/servers/slapd/dynalib.c | 2 | ||||
-rw-r--r-- | ldap/servers/slapd/proto-slap.h | 2 | ||||
-rw-r--r-- | ldap/servers/slapd/security_wrappers.c | 9 | ||||
-rw-r--r-- | ldap/servers/slapd/ssl.c | 7 |
6 files changed, 27 insertions, 2 deletions
diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c index 023c5f85..6e6ffe14 100644 --- a/ldap/servers/slapd/auth.c +++ b/ldap/servers/slapd/auth.c @@ -290,8 +290,10 @@ client_auth_init () LDAPDebug (LDAP_DEBUG_ANY, "client_auth_init: failed to duplicate \"%s/certmap\"\n", confdir, 0, 0); + slapi_ch_free_string(&confdir); return; } + slapi_ch_free_string(&confdir); } err = ldaputil_init (client_auth_config_file, "", NULL, "slapd", NULL); if (err != LDAPU_SUCCESS) { diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c index ef031eeb..bf8d8439 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c @@ -468,6 +468,7 @@ attrcrypt_init(ldbm_instance *li) ret = attrcrypt_cipher_init(li, ace, private_key, public_key, acs); if (ret) { LDAPDebug(LDAP_DEBUG_ANY,"Failed to initialize cipher %s in attrcrypt_init\n", ace->cipher_display_name, 0, 0); + slapi_ch_free((void **)&acs); } else { /* Since we succeeded, add the acs to the backend instance list */ attrcrypt_acs_list_add(li,acs); @@ -476,7 +477,11 @@ attrcrypt_init(ldbm_instance *li) } } - } + slapd_pk11_DestroyPublicKey(public_key); + public_key = NULL; + } + slapd_pk11_DestroyPrivateKey(private_key); + private_key = NULL; } else { if (li->attrcrypt_configured) { LDAPDebug(LDAP_DEBUG_ANY,"Warning: encryption is configured in backend %s, but because SSL is not enabled, database encryption is not available and the configuration will be overridden.\n", li->inst_name, 0, 0); diff --git a/ldap/servers/slapd/dynalib.c b/ldap/servers/slapd/dynalib.c index 41dfaf91..4acae45b 100644 --- a/ldap/servers/slapd/dynalib.c +++ b/ldap/servers/slapd/dynalib.c @@ -154,7 +154,7 @@ symload_report_error( const char *libpath, char *symbol, char *plugin, int libop errlen = PR_GetErrorTextLength(); if ( errlen > 0 ) { - errtext = slapi_ch_malloc( errlen ); + errtext = slapi_ch_malloc( errlen+1 ); if ( PR_GetErrorText( errtext ) > 0 ) { LDAPDebug( LDAP_DEBUG_ANY, SLAPI_COMPONENT_NAME_NSPR " error %d: %s\n", PR_GetError(), errtext, 0 ); diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 1ef45039..eb0d0380 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -946,6 +946,8 @@ unsigned slapd_SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk); SECStatus slapd_pk11_Finalize(PK11Context *context); SECStatus slapd_pk11_DigestFinal(PK11Context *context, unsigned char *data,unsigned int *outLen, unsigned int length); void slapd_SECITEM_FreeItem (SECItem *zap, PRBool freeit); +void slapd_pk11_DestroyPrivateKey(SECKEYPrivateKey *key); +void slapd_pk11_DestroyPublicKey(SECKEYPublicKey *key); /* * start_tls_extop.c diff --git a/ldap/servers/slapd/security_wrappers.c b/ldap/servers/slapd/security_wrappers.c index 628ad4d2..6cca6cea 100644 --- a/ldap/servers/slapd/security_wrappers.c +++ b/ldap/servers/slapd/security_wrappers.c @@ -374,3 +374,12 @@ slapd_SECITEM_FreeItem (SECItem *zap, PRBool freeit) SECITEM_FreeItem(zap,freeit); } +void slapd_pk11_DestroyPrivateKey(SECKEYPrivateKey *key) +{ + SECKEY_DestroyPrivateKey(key); +} + +void slapd_pk11_DestroyPublicKey(SECKEYPublicKey *key) +{ + SECKEY_DestroyPublicKey(key); +} diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c index 416dda70..b33b0ce8 100644 --- a/ldap/servers/slapd/ssl.c +++ b/ldap/servers/slapd/ssl.c @@ -593,6 +593,7 @@ slapd_ssl_init() { slapd_SSL_warn("Security Initialization: Unable to get token (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)", errorCode, slapd_pr_strerror(errorCode)); + freeChildren(family_list); return -1; } @@ -603,6 +604,7 @@ slapd_ssl_init() { slapd_SSL_warn("Security Initialization: Unable to find slot (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)", errorCode, slapd_pr_strerror(errorCode)); + freeChildren(family_list); return -1; } /* authenticate */ @@ -612,6 +614,7 @@ slapd_ssl_init() { slapd_SSL_warn("Security Initialization: Unable to authenticate (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)", errorCode, slapd_pr_strerror(errorCode)); + freeChildren(family_list); return -1; } } @@ -863,6 +866,10 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS) CERT_DestroyCertificate(cert); cert = NULL; } + if (key) { + slapd_pk11_DestroyPrivateKey(key); + key = NULL; + } slapi_ch_free((void **) &personality); if (SECSuccess != rv) { freeConfigEntry( &e ); |