[Date Prev][Date Next] [Chronological] [Thread] [Top]

Possible double free in bdb_id2entry_rw()

To: openldap-devel@OpenLDAP.org
Subject: Possible double free in bdb_id2entry_rw()
From: Luke Howard <lukeh@PADL.COM>
Date: Fri, 24 Jan 2003 01:27:16 +1100
Organization: PADL Software Pty Ltd
Versions: dmail (bsd44) 2.4c/makemail 2.9d

According to valgrind, data.data below is double-freed. I didn't
change anything as I don't understand back-bdb in the slightest,
perhaps someone who understands it better can take a look.

Index: back-bdb/id2entry.c
===================================================================
RCS file: /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb/id2entry.c,v
retrieving revision 1.30
diff -u -r1.30 id2entry.c
--- back-bdb/id2entry.c 3 Jan 2003 19:20:56 -0000       1.30
+++ back-bdb/id2entry.c 23 Jan 2003 14:22:32 -0000
@@ -153,6 +153,7 @@
                                free ( (*e)->e_private );
                        bdb_entry_return( *e );
                        *e = NULL;
+                       /* XXX According to valgrind data.data is freed by bdb_entry_return() */
                        ch_free( data.data );
                }
                rc = ret;

-- Luke

--
Luke Howard | PADL Software Pty Ltd | www.padl.com

Follow-Ups:
- RE: Possible double free in bdb_id2entry_rw()
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: lutil_detach()
Next by Date: RE: moving lutil_detach() in slapd?
Index(es):
- Chronological
- Thread