[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#9127) memory leak in mdb_entry_decode()

grapvar@gmail.com wrote:
> Full_Name: Konstantin Andreev
> Version: 2.4.48
> OS: Solaris 11.3 x64
> URL: 
> Submission from: (NULL) (79.135.238.172)
> 
> 
> servers/slapd/back-mdb/id2entry.c`mdb_entry_decode() leaks allocated [Entry] on
> error.
> Here is a fix for the master branch:

Since this is allocated in thread-local memory, there is no actual leak.

> --- a/servers/slapd/back-mdb/id2entry.c
> +++ b/servers/slapd/back-mdb/id2entry.c
> @@ -1130,8 +1130,12 @@ done:
>  	*e = x;
>  	rc = 0;
>  
> -leave:
> +clr_mvc:
>  	if (mvc)
>  		mdb_cursor_close(mvc);
>  	return rc;
> +leave:
> +	/* can't mdb_entry_return() because [Entry *x] init is incomplete */
> +	op->o_tmpfree( x, op->o_tmpmemctx );
> +	goto clr_mvc;
>  }
> 
> and for 2.4 branch, if you care:
> 
> --- a/servers/slapd/back-mdb/id2entry.c
> +++ b/servers/slapd/back-mdb/id2entry.c
> @@ -695,12 +695,13 @@
>  		if (i > mdb->mi_numads) {
>  			rc = mdb_ad_read(mdb, txn);
>  			if (rc)
> -				return rc;
> +				goto leave;
>  			if (i > mdb->mi_numads) {
>  				Debug( LDAP_DEBUG_ANY,
>  					"mdb_entry_decode: attribute index %d not recognized\n",
>  					i, 0, 0 );
> -				return LDAP_OTHER;
> +				rc = LDAP_OTHER;
> +				goto leave;
>  			}
>  		}
>  		a->a_desc = mdb->mi_ads[i];
> @@ -745,7 +746,7 @@
>  				Debug( LDAP_DEBUG_ANY,
>  					"mdb_entry_decode: attributeType %s value #%d provided more than once\n",
>  					a->a_desc->ad_cname.bv_val, j, 0 );
> -				return rc;
> +				goto leave;
>  			}
>  		}
>  		a->a_next = a+1;
> @@ -758,4 +759,8 @@
>  		0, 0, 0 );
>  	*e = x;
>  	return 0;
> +leave:
> +	/* can't mdb_entry_return() because [Entry *x] init is incomplete */
> +	op->o_tmpfree( x, op->o_tmpmemctx );
> +	return rc;
>  }
> 
> 


-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/