(ITS#9090) memory leak: ldap_unbind_* functions don't free 'ld_sb' field of LDAP structure

[santucco@mail.ru]

Full_Name: Alexander Sychev
Version: 2.4.48
OS: linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (91.103.66.207)


Steps to reproduce:

1. Write a test:

#include <ldap.h>

int main()
{
	LDAP* h = NULL;
	LDAPURLDesc u;
	memset(&u, 0, sizeof(LDAPURLDesc));
	char* s = 0;
	u.lud_scheme = "ldap";
	u.lud_host = "locahost";
	u.lud_port  = 8080;
	u.lud_scope = LDAP_SCOPE_DEFAULT              ;
	s = ldap_url_desc2str(&u);
	ldap_initialize(&h, s);
	ldap_memfree(s);
	ldap_unbind_ext_s(h, NULL, NULL);
	return 0;
}

2. Compile it with AddressSanitizer support:
gcc test.c -g -fsanitize=address

3. Run the test, analyze AddressSanitizer output:
=================================================================
==29038==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7f9d35ac23a8 in __interceptor_calloc
../../../../libsanitizer/asan/asan_malloc_linux.cc:70
    #1 0x55d793627512 in ber_memcalloc_x (/tmp/test+0x67512)
    #2 0x55d79362757b in ber_memcalloc (/tmp/test+0x6757b)
    #3 0x55d793628a2d in ber_sockbuf_alloc (/tmp/test+0x68a2d)
    #4 0x55d7935ee453 in ldap_create (/tmp/test+0x2e453)
    #5 0x55d7935ee628 in ldap_initialize (/tmp/test+0x2e628)
    #6 0x55d7935ede8e in main /tmp/test.c:14
    #7 0x7f9d3442c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)

SUMMARY: AddressSanitizer: 40 byte(s) leaked in 1 allocation(s).
=================================================================

4. Possible patch:
	
--- openldap/libraries/libldap/unbind.c.orig	2019-07-23 17:46:22.000000000
+0300
+++ openldap/libraries/libldap/unbind.c	2019-09-27 15:39:40.000000000 +0300
@@ -134,6 +134,8 @@
 	/* Should already be closed by ldap_free_connection which knows not to free
 	 * this one */
 	ber_int_sb_destroy( ld->ld_sb );
+	/* free memory to avoid of leak */
+	ber_memfree( ld->ld_sb );
 
 	LDAP_MUTEX_LOCK( &ld->ld_ldopts_mutex );