Re: memory leak in 1.2.(12|11) (ITS#1161)



I think your analysis is correct.  I applied some patches
to OPENLDAP_REL_ENG_1_2 which should plug the leaks.  Please
test.

I note that I did not patch HEAD as this issue is 1.2
specific.

Kurt

At 04:27 AM 5/22/01, h.nardmann@secunet.de wrote:
>I am currently running some purify tests with a program which uses the 
>OpenLDAP 1.2.11 LDAP library on Solaris 7. Now I am faced with a memory leak 
>IMHO which is in 1.2.12, too.
>
>Location:
>
>libraries/libldap/result.c->read1msg(): line 282
>
>        /* get the next message */
>        if ( (tag = ber_get_next( sb, &len, &ber ))
>            != LDAP_TAG_MESSAGE ) {
>                ld->ld_errno = (tag == LBER_DEFAULT ? LDAP_SERVER_DOWN :
>                    LDAP_LOCAL_ERROR);
>                return( -1 );
>        }
>
>Inside ber_get_next (libraries/liblber/io.c, line 555), there is memory 
>allocated which is not freed in an error case like the one above:
>
>                if ( (ber->ber_buf = (char *) malloc( (size_t)*len )) == NULL ) {
>                        return( LBER_DEFAULT );
>                }
>
>So every error case has to free the buffer allocated inside the ber element 
>before returning.
>
>In lines 298 and 307 there is the following:
>
>                free( ber.ber_buf );    /* gack! */
>
>This should be done in the other cases, too.
>
>Do you agree?
>
>I have not looked whether this kind of code is inside 2.0.x, too, or whether 
>ber_get_next() is called from other places than read1msg(), too. Maybe you 
>could have a look at it?
>
>- -- 
>Heiko Nardmann (Dipl.-Ing.), h.nardmann@secunet.de, Software Development
>secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de),
>Weidenauer Str. 223-225, D-57076 Siegen
>Tel. : +49 271 48950-13, Fax  : +49 271 48950-50
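
The ownership problem discussed in this thread, reduced to a self-contained sketch; this is an added example, not OpenLDAP code and not part of either message. `toy_element`, `toy_get_next`, the tag values and the input bytes are hypothetical stand-ins constructed for illustration, and a counter of live buffers takes the place of Purify.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical stand-ins (assumptions); not liblber's types or tag values. */
enum { TOY_TAG_ERROR = -1, TOY_TAG_MESSAGE = 0x30 };
typedef struct { char *buf; size_t len; } toy_element;
static long live_allocs = 0;            /* buffers allocated and not yet freed */
static void toy_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Allocates into el before validation ends, so error paths leave el->buf live. */
static int toy_get_next(const unsigned char *in, size_t n, toy_element *el) {
    if (n < 2) return TOY_TAG_ERROR;            /* nothing allocated yet */
    el->len = in[1];
    if ((el->buf = malloc(el->len + 1)) == NULL) return TOY_TAG_ERROR;
    live_allocs++;
    if (el->len > n - 2) return TOY_TAG_ERROR;  /* truncated body, buffer live */
    memcpy(el->buf, in + 2, el->len);
    return in[0];
}

/* Leak pattern from the report: early return without releasing el.buf. */
static int read_msg_leaky(const unsigned char *in, size_t n) {
    toy_element el = { NULL, 0 };
    if (toy_get_next(in, n, &el) != TOY_TAG_MESSAGE) return -1;
    toy_free(el.buf);
    return 0;
}

/* Fixed caller: one exit path frees the buffer on success and on error. */
static int read_msg_fixed(const unsigned char *in, size_t n) {
    toy_element el = { NULL, 0 };
    int rc = (toy_get_next(in, n, &el) == TOY_TAG_MESSAGE) ? 0 : -1;
    toy_free(el.buf);
    return rc;
}

/* Feeds constructed inputs to a caller; returns the number of leaked buffers. */
static long leaked_by(int (*caller)(const unsigned char *, size_t)) {
    static const unsigned char good[]  = { 0x30, 2, 'o', 'k' };
    static const unsigned char wrong[] = { 0x04, 2, 'n', 'o' }; /* other tag */
    static const unsigned char cut[]   = { 0x30, 9, 'x' };      /* truncated */
    long before = live_allocs;
    caller(good, sizeof good); caller(wrong, sizeof wrong); caller(cut, sizeof cut);
    return live_allocs - before;
}

int main(void) {
    printf("leaky=%ld fixed=%ld\n", leaked_by(read_msg_leaky), leaked_by(read_msg_fixed));
    return 0;
}
```

Both callers return the same status for every input; only the number of buffers still allocated afterwards differs, which is why a leak of this kind shows up under a memory checker rather than in functional tests.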