[389-commits] Branch '389-ds-base-1.3.1' - ldap/servers

Noriko Hosoi nhosoi at fedoraproject.org
Mon Jan 13 19:28:27 UTC 2014 

 ldap/servers/slapd/libglobs.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

New commits:
commit 4aa849fa0a32d90e7d88574f35e1e17fbaf1034f
Author: Noriko Hosoi <nhosoi at redhat.com>
Date:   Mon Jan 13 11:03:46 2014 -0800

    Ticket #47660 - config_set_allowed_to_delete_attrs: Valgrind reports Invalid read
    
    Description: There was a logic error in checking the availability of
    a pointer.  Before checking the contents of an address, the correctness
    of the pointer needed to be checked.
    
    Also, one memory leak was found in the error return case.
    
    Note: these 2 issues were introduece by this commit:
    commit 94b123780b21e503b78bceca9d60904206ef91fa
    Trac Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs
    
    https://fedorahosted.org/389/ticket/47660
    
    Reviewed by rmeggins at redhat.com (Thank you, Rich!)
    (cherry picked from commit 1a788bf35a138d221f2bfb88d6da5fc5244d738c)
    (cherry picked from commit 22c24f0d133cfcfc9f7457a84282d223ea3f6e25)

diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 6df225d..bcf7db4 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -6704,7 +6704,7 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
         int needcopy = 0;
         allowed = slapi_str2charray_ext(vcopy, " ", 0);
         for (s = allowed; s && *s; s++) ;
-        for (--s; s && *s && (s >= allowed); s--) {
+        for (--s; s && (s >= allowed) && *s; s--) {
             cgas = (struct config_get_and_set *)PL_HashTableLookup(confighash,
                                                                    *s);
             if (!cgas && PL_strcasecmp(*s, "aci") /* aci is an exception */) {
@@ -6725,6 +6725,7 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
                 slapi_log_error(SLAPI_LOG_FATAL, "config",
                         "%s: Given attributes are all invalid.  No effects.\n",
                         CONFIG_ALLOWED_TO_DELETE_ATTRIBUTE);
+                slapi_ch_array_free(allowed);
                 return LDAP_NO_SUCH_ATTRIBUTE;
             } else {
                 for (s = allowed, d = vcopy; s && *s; s++) {

More information about the 389-commits mailing list