Re: complex searches with filters: more memory leaks and an id list issue
I don't believe any of the changes are appropriate.
At 03:39 AM 2001-10-05, Thomas Koch wrote:
>as reported some time ago, our use of slapd involves all sorts of
>search queries. We are now moving to 2.0.15 and believe that some
>problems that we identified in 2.0.11 during the last weeks still
>Included is a patch of the changes that we had applied to 2.0.11 recently
>(with the intention to report them soon) and which we believe
>should go into 2.0.15.
>* memory leaks: there are some locations in filterindex.c which
> do not free a tmp object under certain error conditions.
>* null pointer: in filter.c, we have observed crashes when
> an attempt was made to free f->f_sub, with f_sub being NULL.
>* id list scan: in idl.c. This seems the most tricky issue. Our
> "fix" might be totally inconsistent, since it is time consuming
> to figure out all the details of the id list handling.
> Here is what we have observed: when matching id lists,
> it could happen that the same id occurs twice in the result.
> This could cause the resulting id list to grow beyond its
> allocated size, which then may result in a memory overrun.
> Our change enforces a more defensive behaviour, and also
> avoids inserting duplicates in the result id list.
> (In our test code there is an additional check against
> buffer overrun, which should probably not be used in production.)
> Whether this completely resolves the problem, I don't know,
> but we have not seen any of the problems after this change.
>I would appreciate any feedback, because we don't want to
>mess up the original code.