[389-commits] Branch '389-ds-base-1.3.3' - ldap/servers

Mon Nov 17 15:29:41 UTC 2014

ldap/servers/slapd/pw.c |   14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

New commits:
commit ce0cda2bed8611e845931fd99ac40ba428455be3
Author: Mark Reynolds <mreynolds at redhat.com>
Date:   Mon Nov 17 09:46:33 2014 -0500

    Ticket 47958 - Memory leak in password admin if the admin entry does not exist
    
    Bug Description:  If passwordAdminDN is set to an entry that does not exist memory
                      is leaked.
    
    Fix Description:  The leak occurs because we do not free the internal search results,
                      even when zero entries are returned.
    
    https://fedorahosted.org/389/ticket/47958
    
    Reviewed by: rmeggins(Thanks!)
    
    (cherry picked from commit 6ee9a1bd3aa5014aff3b8b07a032c35a1c66d2e2)

diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
index 9c541c5..7f80612 100644
--- a/ldap/servers/slapd/pw.c
+++ b/ldap/servers/slapd/pw.c
@@ -1558,14 +1558,17 @@ pw_get_admin_users(passwdPolicy *pwp)
 	 *  Check if the DN exists and has "group" objectclasses
 	 */
 	pb = slapi_pblock_new();
-	slapi_search_internal_set_pb(pb, binddn, LDAP_SCOPE_BASE,"(|(objectclass=groupofuniquenames)(objectclass=groupofnames))",
-		NULL, 0, NULL, NULL, (void *) plugin_get_default_component_id(), 0);
+	slapi_search_internal_set_pb(pb, binddn, LDAP_SCOPE_BASE,
+	        "(|(objectclass=groupofuniquenames)(objectclass=groupofnames))",
+	        NULL, 0, NULL, NULL, (void *) plugin_get_default_component_id(), 0);
 	slapi_search_internal_pb(pb);
 	slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
 	if (res != LDAP_SUCCESS) {
+		slapi_free_search_results_internal(pb);
 		slapi_pblock_destroy(pb);
-		LDAPDebug(LDAP_DEBUG_ANY, "pw_get_admin_users: search failed for %s: error %d - Password Policy Administrators can not be set\n",
-			slapi_sdn_get_dn(sdn), res, 0);
+		LDAPDebug(LDAP_DEBUG_ANY, "pw_get_admin_users: search failed for %s: error %d - "
+		        "Password Policy Administrators can not be set\n",
+		        slapi_sdn_get_dn(sdn), res, 0);
 		return;
 	}
 	/*
@@ -1581,7 +1584,8 @@ pw_get_admin_users(passwdPolicy *pwp)
 		slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
 		uniquemember_vals = slapi_entry_attr_get_charray_ext(entries[0], "uniquemember", &uniquemember_count);
 		member_vals = slapi_entry_attr_get_charray_ext(entries[0], "member", &member_count);
-		pwp->pw_admin_user = (Slapi_DN **)slapi_ch_calloc((uniquemember_count + member_count + 1), sizeof(Slapi_DN *));
+		pwp->pw_admin_user = (Slapi_DN **)slapi_ch_calloc((uniquemember_count + member_count + 1),
+		                                                  sizeof(Slapi_DN *));
 		if(uniquemember_count > 0){
 			for(i = 0; i < uniquemember_count; i++){
 				pwp->pw_admin_user[count++] = slapi_sdn_new_dn_passin(uniquemember_vals[i]);


