Bug 602530 - coverity: op_shared_modify: compare pre, post and original entries before freeing them

https://bugzilla.redhat.com/show_bug.cgi?id=602530
Resolves: bug 602530
Bug Description: coverity: op_shared_modify: compare pre, post and original entries before freeing them
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: Get the pre entry and post entry separately, compare them to
e and to each other before attempting to free them.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no

1 files changed, 18 insertions, 4 deletions

diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index ead066d1..3f78b019 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -894,10 +894,24 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
 	}
 
 free_and_return:
-	slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &ecopy);
-	slapi_entry_free(ecopy);
-	slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &ecopy);
-	slapi_entry_free(ecopy);
+	{
+		Slapi_Entry *epre = NULL, *epost = NULL;
+		slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &epre);
+		slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &epost);
+		if (epre == e) {
+			epre = NULL; /* to avoid possible double free below */
+		}
+		if (epost == e) {
+			epost = NULL; /* to avoid possible double free below */
+		}
+		if (epre == epost) {
+			epost = NULL; /* to avoid possible double free below */
+		}
+		slapi_pblock_set(pb, SLAPI_ENTRY_PRE_OP, NULL);
+		slapi_pblock_set(pb, SLAPI_ENTRY_POST_OP, NULL);
+		slapi_entry_free(epre);
+		slapi_entry_free(epost);
+	}
 	slapi_entry_free(e);
 	
 	if (be)