[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
[Fwd: Re: malloc bugs]
I should have sent this to devel instead of replying...
-------- Original Message --------
Subject: Re: malloc bugs
Date: Mon, 23 Nov 1998 17:23:25 +0000
From: Will Ballantyne <Will.Ballantyne@gems1.gov.bc.ca>
Organization: ITSD
To: openldap-bugs@openldap.org
References: <HBF.981123gq8j@bombur2.uio.no>
Hallvard B Furuseth wrote:
>
> derefDN() in servers/slapd/back-ldbm/alias.c is broken:
> It may free() `dn' (and maybe other variables) without resetting them,
> and they wil then be used later (e.g. dn is used after the for loop).
> Nor am I sure what it is supposed to return in all cases, or whether
> or not it is always supposed to return newly allocated data.
Thanks Hallvard, here is a quick patch to fix. It should always return newly
allocated data.
diff -ur ldap/servers/slapd/back-ldbm/alias.c
ldap.new/servers/slapd/back-ldbm/alias.c
--- ldap/servers/slapd/back-ldbm/alias.c Wed Nov 4 20:05:05 1998
+++ ldap.new/servers/slapd/back-ldbm/alias.c Mon Nov 23 09:08:54 1998
@@ -112,8 +112,8 @@
)
{
struct ldbminfo *li = (struct ldbminfo *) be->be_private;
- char *matched;
- char *newDN;
+ char *matched = 0;
+ char *newDN = NULL;
int depth;
Entry *eMatched;
Entry *eDeref;
@@ -156,6 +156,7 @@
if ((eNew = derefAlias_r( be, conn, op, eMatched )) == NULL) {
free (matched);
free (newDN);
+ newDN = NULL;
free (remainder);
break; /* no associated entry, dont deref */
}
@@ -166,6 +167,7 @@
if (!strcasecmp (matched, eNew->e_dn)) {
/* newDN same as old so not an alias, no need to go further */
free (newDN);
+ newDN = NULL;
free (matched);
free (remainder);
break;
@@ -226,9 +228,12 @@
send_ldap_result( conn, op, LDAP_ALIAS_PROBLEM, "",
"Maximum alias dereference depth exceeded for base" );
}
+
+ if (newDN == NULL) {
+ newDN = strdup ( dn );
+ }
Debug( LDAP_DEBUG_TRACE, "<= returning deref DN of %s\n", newDN, 0, 0 );
-
free(matched);
return newDN;