memory leak in 1.2.(12|11) (ITS#1161)
I am currently running some Purify tests with a program which uses the
OpenLDAP 1.2.11 LDAP library on Solaris 7. I am now faced with what is IMHO
a memory leak, which is in 1.2.12, too.
Location:
libraries/libldap/result.c->read1msg(): line 282
    /* get the next message */
    if ( (tag = ber_get_next( sb, &len, &ber ))
        != LDAP_TAG_MESSAGE ) {
        ld->ld_errno = (tag == LBER_DEFAULT ? LDAP_SERVER_DOWN :
            LDAP_LOCAL_ERROR);
        return( -1 );
    }
Inside ber_get_next (libraries/liblber/io.c, line 555), there is memory
allocated which is not freed in an error case like the one above:
    if ( (ber->ber_buf = (char *) malloc( (size_t)*len )) == NULL ) {
        return( LBER_DEFAULT );
    }
So every error case has to free the buffer allocated inside the ber element
before returning.
In lines 298 and 307 there is the following:
    free( ber.ber_buf ); /* gack! */
This should be done in the other cases, too.
Do you agree?
I have not looked whether this kind of code is inside 2.0.x, too, or whether
ber_get_next() is called from other places than read1msg(), too. Maybe you
could have a look at it?
--
Heiko Nardmann (Dipl.-Ing.), h.nardmann@secunet.de, Software Development
secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de),
Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13, Fax : +49 271 48950-50
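The error-path leak described in the message above, as an added example that is not OpenLDAP code and not part of the original post. get_next(), read_msg() and the allocation tracker are hypothetical stand-ins for ber_get_next(), read1msg() and a Purify-style tally, and the input byte strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for LDAP_TAG_MESSAGE and LBER_DEFAULT; SLOTS bounds the tracker. */
enum { TAG_MESSAGE = 0x30, TAG_DEFAULT = -1, SLOTS = 64 };
struct elem { char *buf; };               /* hypothetical stand-in for the BER element */
static char *live[SLOTS]; static int nlive;   /* buffers allocated and not yet freed */

static char *track_alloc(size_t n) {
    char *p = nlive < SLOTS ? malloc(n ? n : 1) : NULL;
    if (p) live[nlive++] = p;
    return p;
}
static void track_free(char *p) {
    for (int i = 0; p && i < nlive; i++)
        if (live[i] == p) { live[i] = live[--nlive]; free(p); return; }
}

/* Stand-in for ber_get_next(): allocates e->buf, then may still return an error tag. */
static int get_next(const unsigned char *in, size_t n, struct elem *e) {
    if (n < 2) return TAG_DEFAULT;                       /* nothing allocated yet */
    if (!(e->buf = track_alloc((size_t)in[1]))) return TAG_DEFAULT;
    if (n - 2 < (size_t)in[1]) return TAG_DEFAULT;       /* truncated, buf still allocated */
    return in[0];                                        /* may be a tag the caller rejects */
}

/* Caller shaped like the reported error path; free_on_error applies the proposed fix. */
static int read_msg(const unsigned char *in, size_t n, int free_on_error) {
    struct elem e = { NULL };
    int ok = get_next(in, n, &e) == TAG_MESSAGE;
    if (ok || free_on_error) track_free(e.buf);   /* skipped on error: e.buf leaks */
    return ok ? 0 : -1;
}

/* Feed two bad inputs `rounds` times (2*rounds <= SLOTS); return buffers left behind. */
static int leaked_after(int free_on_error, int rounds) {
    static const unsigned char truncated[] = { 0x30, 0x08, 'a', 'b' }; /* claims 8, has 2 */
    static const unsigned char wrong_tag[] = { 0x04, 0x02, 'h', 'i' }; /* complete, wrong tag */
    for (int i = 0; i < rounds; i++) {
        read_msg(truncated, sizeof truncated, free_on_error);
        read_msg(wrong_tag, sizeof wrong_tag, free_on_error);
    }
    int n = nlive;
    while (nlive) free(live[--nlive]);    /* release leftovers so the demo itself is clean */
    return n;
}

int main(void) {
    printf("leaked without free: %d, with free: %d\n", leaked_after(0, 10), leaked_after(1, 10));
    return 0;
}
```

Each failed read leaves one buffer behind unless the error path frees it, so a client that keeps polling a misbehaving or unreachable server grows without bound.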