[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Question about ldap_search_ext_s and memory leak
- To: openldap-technical@openldap.org
- Subject: Question about ldap_search_ext_s and memory leak
- From: Jean-Marc Choulet <jm130794@gmail.com>
- Date: Sun, 15 Mar 2015 23:29:28 +0100
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
Hello,
I have a little with this very simple program :
#include <iostream>
#include <stdlib.h>
#define LDAP_DEPRECATED 1
#include <ldap.h>
using namespace std;
const char* server = "ldap://ldap.xxxx.fr";;
const char* cacert_file = "cacert.pem";
const char* root_dn = "cn=replicator,ou=DSA,dc=xxxx,dc=fr";
const char* root_pw = "xxxx";
const char* aliased_people_dn ="ou=AliasedPeople,dc=xxxx,dc=fr";
int main(int argc, char *argv[])
{
if (argc != 3) {
cerr << "Usage: " << argv[0] << " username password" << endl;
return 1;
}
LDAP *ld;
int version = LDAP_VERSION3;
int rc;
if ((rc = ldap_initialize(&ld, server)) != LDAP_SUCCESS) {
cerr << "ldap_initialize: " << server << endl;
return EXIT_FAILURE;
}
if ((rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version))
!= LDAP_OPT_SUCCESS) {
cerr << "ldap_set_option error: " << ldap_err2string(rc) << endl;
return EXIT_FAILURE;
}
if ((rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
cacert_file)) != LDAP_OPT_SUCCESS )
{
cerr << "ldap_set_option error: " << ldap_err2string(rc) << endl;
return EXIT_FAILURE;
}
if ((rc = ldap_start_tls_s(ld, NULL, NULL)) != LDAP_SUCCESS)
{
cerr << "ldap_start_tls_s error: " << ldap_err2string(rc) << endl;
return EXIT_FAILURE;
}
if ((rc = ldap_bind_s(ld, root_dn, root_pw, LDAP_AUTH_SIMPLE)) !=
LDAP_SUCCESS) {
cerr << "ldap_bind_s: " << ldap_err2string(rc) << endl;
return EXIT_FAILURE;
}
cout << "user replicator authenticated :)." << endl;
LDAPMessage *pResult;
struct berval cred;
char *pDN;
std::string filter("uid=" + string(argv[1]));
rc = ldap_search_ext_s(ld, aliased_people_dn, LDAP_SCOPE_SUBTREE,
filter.c_str(), NULL, 0, NULL, NULL,
NULL, LDAP_NO_LIMIT, &pResult);
if (rc != LDAP_SUCCESS)
{
cerr << "ldap_search_ext_s error: " << ldap_err2string(rc) << endl;
ldap_unbind_s(ld);
return EXIT_FAILURE;
}
struct berval **vals;
LDAPMessage *pEntry;
string user_dn;
if (ldap_count_entries(ld, pResult) == 1) {
pEntry = ldap_first_entry(ld, pResult);
pDN = ldap_get_dn(ld, pEntry);
vals = ldap_get_values_len(ld, pEntry, "aliasedObjectName");
if (vals) {
user_dn = vals[0]->bv_val;
ldap_value_free_len(vals);
}
ldap_memfree(pDN);
}
else {
cout << "aliasedObjectName attribute not found" << endl;
ldap_unbind_s(ld);
return EXIT_FAILURE;
}
ldap_memfree(pResult);
if ((rc = ldap_bind_s(ld, user_dn.c_str(), argv[2],
LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS) {
cerr << "user " << argv[1] << " not authenticated" << endl;
ldap_unbind_s(ld);
return EXIT_FAILURE;
}
cout << "user " << argv[1] << " (" << user_dn << ") authenticated"
<< endl;
ldap_unbind_s(ld);
return EXIT_SUCCESS;
}
My program works fine but, if I use valgrind, I have memory leaks :
valgrind --leak-check=full ./ldapauth.exe toto secret
==13616== Memcheck, a memory error detector
==13616== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==13616== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for
copyright info
==13616== Command: ./ldapauth.exe toto secret
==13616==
user replicator authenticated :).
user toto (uid=toto,ou=People,ou=17,dc=xxxx,dc=fr) authenticated
==13616== Warning: invalid file descriptor -1 in syscall write()
==13616==
==13616== HEAP SUMMARY:
==13616== in use at exit: 260,453 bytes in 1,157 blocks
==13616== total heap usage: 13,835 allocs, 12,678 frees, 2,138,249
bytes allocated
==13616==
==13616== 149 (56 direct, 93 indirect) bytes in 1 blocks are definitely
lost in loss record 65 of 84
==13616== at 0x4C2CC70: calloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13616== by 0x596E604: ber_memcalloc_x (in
/usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.8.3)
==13616== by 0x4E48687: ldap_result (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4E4ACA6: ldap_pvt_search_s (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4E4AD4F: ldap_search_ext_s (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4016D4: main (ldapauth.cpp:72)
==13616==
==13616== 271 (80 direct, 191 indirect) bytes in 1 blocks are definitely
lost in loss record 69 of 84
==13616== at 0x4C2CC70: calloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==13616== by 0x596E604: ber_memcalloc_x (in
/usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.8.3)
==13616== by 0x596D031: ber_alloc_t (in
/usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.8.3)
==13616== by 0x4E5AA22: ldap_alloc_ber_with_options (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4E48BB7: ldap_result (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4E4ACA6: ldap_pvt_search_s (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4E4AD4F: ldap_search_ext_s (in
/usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.8.3)
==13616== by 0x4016D4: main (ldapauth.cpp:72)
==13616==
==13616== LEAK SUMMARY:
==13616== definitely lost: 136 bytes in 2 blocks
==13616== indirectly lost: 284 bytes in 3 blocks
==13616== possibly lost: 0 bytes in 0 blocks
==13616== still reachable: 260,033 bytes in 1,152 blocks
==13616== suppressed: 0 bytes in 0 blocks
==13616== Reachable blocks (those to which a pointer was found) are not
shown.
==13616== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==13616==
==13616== For counts of detected and suppressed errors, rerun with: -v
==13616== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
I don't understand why. Do you have a idea ?
I work on Ubuntu 14.04. The OpenLDAP version is 2.4.31.
Thanks,
Jean-Marc.