ldap/servers/plugins/acl/acllas.c | 4 +-
ldap/servers/plugins/linkedattrs/linked_attrs.c | 16 +-------
ldap/servers/plugins/replication/cl5_api.c | 46 +++++++++++++-----------
ldap/servers/slapd/back-ldbm/dblayer.c | 43 ++++++++++++++--------
ldap/servers/slapd/back-ldbm/init.c | 20 ++++++----
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 5 +-
ldap/servers/slapd/entry.c | 4 ++
ldap/servers/slapd/modify.c | 4 +-
ldap/servers/slapd/resourcelimit.c | 40 +-------------------
ldap/servers/slapd/result.c | 25 +++++++++----
10 files changed, 101 insertions(+), 106 deletions(-)
New commits:
commit 6c9822577b32af674dae2f884030bf2fd8a51bc2
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 10:48:27 2011 -0600
Bug 690584 - #10641 reslimit_bv2int - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10641 reslimit_bv2int - fix coverity resource leak issues
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: The comment was incorrect - slapi_value_get_int does handle
signed values correctly - it uses the same function atoi - the fix is to
get rid of reslimit_bv2int
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/resourcelimit.c b/ldap/servers/slapd/resourcelimit.c
index dc22a0a..563381f 100644
--- a/ldap/servers/slapd/resourcelimit.c
+++ b/ldap/servers/slapd/resourcelimit.c
@@ -181,7 +181,6 @@ static void reslimit_connext_destructor( void *extension, void
*object,
void *parent );
static int reslimit_get_ext( Slapi_Connection *conn, const char *logname,
SLAPIResLimitConnData **rlcdpp );
-static int reslimit_bv2int( const struct berval *bvp );
static char ** reslimit_get_registered_attributes();
@@ -327,38 +326,6 @@ reslimit_get_ext( Slapi_Connection *conn, const char *logname,
}
-/*
- * utility function to convert a string-represented integer to an int.
- *
- * XXXmcs: wouldn't need this if slapi_value_get_int() returned a signed int!
- */
-static int
-reslimit_bv2int( const struct berval *bvp )
-{
- int rc = 0;
- char smallbuf[ 25 ], *buf;
-
- if ( bvp != NULL ) {
- /* make a copy to ensure it is zero-terminated */
- if ( bvp->bv_len < sizeof( smallbuf )) {
- buf = smallbuf;
- } else {
- buf = slapi_ch_malloc( bvp->bv_len + 1 );
- }
- memcpy( buf, bvp->bv_val, bvp->bv_len);
- buf[ bvp->bv_len ] = '\0';
-
- rc = atoi( buf );
-
- if ( buf != smallbuf ) {
- slapi_ch_free( (void **)&smallbuf );
- }
- }
-
- return( rc );
-}
-
-
/**** Semi-public functions start here ***********************************/
/*
* These functions are exposed to other parts of the server only, i.e.,
@@ -464,11 +431,10 @@ reslimit_update_from_entry( Slapi_Connection *conn, Slapi_Entry *e
)
&actual_type_name, 0, &free_flags )) {
Slapi_Value *v;
int index;
- const struct berval *bvp;
- if (( index = slapi_valueset_first_value( vs, &v )) != -1 &&
- ( bvp = slapi_value_get_berval( v )) != NULL ) {
- rlcdp->rlcd_integer_value[ i ] = reslimit_bv2int( bvp );
+ if ((( index = slapi_valueset_first_value( vs, &v )) != -1) &&
+ ( v != NULL )) {
+ rlcdp->rlcd_integer_value[ i ] = slapi_value_get_int( v );
rlcdp->rlcd_integer_available[ i ] = PR_TRUE;
LDAPDebug( SLAPI_RESLIMIT_TRACELEVEL,
commit 8a88106ba1d49818ab36548303d16a156e921afd
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 10:40:30 2011 -0600
Bug 690584 - #10643 hash_rootpw - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10643 hash_rootpw - fix coverity resource leak issues
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: store the pointer returned by pw_val2scheme and free it
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index ca580fb..2eafcf6 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -1241,7 +1241,9 @@ hash_rootpw (LDAPMod **mods)
for (j = 0; mod->mod_bvalues[j] != NULL; j++) {
char *val = mod->mod_bvalues[j]->bv_val;
char *hashedval = NULL;
- if (pw_val2scheme (val, NULL, 0)) {
+ struct pw_scheme *pws = pw_val2scheme (val, NULL, 0);
+ if (pws) {
+ free_pw_scheme(pws);
/* Value is pre-hashed, no work to do for this value */
continue;
} else if (! slapd_nss_is_initialized() ) {
commit 3e97d377e0899793fe156d09178a999952c792bf
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 10:36:09 2011 -0600
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs
send_all_attrs - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs
send_all_attrs - fix coverity resource leak issues
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: if there is an error, we still have to free the values allocated
by slapi_vattr_namespace_values_get_sp() - so just continue the for loop, but if
rc != 0 just free the remaining values and continue
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
index fe150e7..d269477 100644
--- a/ldap/servers/slapd/result.c
+++ b/ldap/servers/slapd/result.c
@@ -995,6 +995,13 @@ static int send_all_attrs(Slapi_Entry *e,char **attrs,Slapi_Operation
*op,Slapi_
for(iter=0; iter<item_count; iter++)
{
+ if ( rc != 0 ) {
+ /* we hit an error - we need to free all of the stuff allocated by
+ slapi_vattr_namespace_values_get_sp */
+ slapi_vattr_values_free(&(values[iter]), &(actual_type_name[iter]),
attr_free_flags);
+ continue;
+ }
+
if (SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_SUBTYPE == type_name_disposition[iter]) {
name_to_return = actual_type_name[iter];
}
@@ -1028,14 +1035,14 @@ static int send_all_attrs(Slapi_Entry *e,char
**attrs,Slapi_Operation *op,Slapi_
}
slapi_vattr_values_free(&(values[iter]), &(actual_type_name[iter]),
attr_free_flags);
- if ( rc != 0 ) {
- goto exit;
- }
}
slapi_ch_free((void**)&actual_type_name);
slapi_ch_free((void**)&type_name_disposition);
slapi_ch_free((void**)&values);
+ if ( rc != 0 ) {
+ goto exit;
+ }
} else {
rc = 0;
@@ -1121,6 +1128,12 @@ int send_specific_attrs(Slapi_Entry *e,char **attrs,Slapi_Operation
*op,Slapi_PB
for(iter=0; iter<item_count; iter++)
{
+ if ( rc != 0 ) {
+ /* we hit an error - we need to free all of the stuff allocated by
+ slapi_vattr_namespace_values_get_sp */
+ slapi_vattr_values_free(&(values[iter]), &(actual_type_name[iter]),
attr_free_flags);
+ continue;
+ }
if (SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_SUBTYPE == type_name_disposition[iter]) {
name_to_return = actual_type_name[iter];
} else {
@@ -1154,14 +1167,14 @@ int send_specific_attrs(Slapi_Entry *e,char
**attrs,Slapi_Operation *op,Slapi_PB
rc = encode_attr_2( pb, ber, e, values[iter], attrsonly, current_type_name,
name_to_return );
slapi_vattr_values_free(&(values[iter]), &(actual_type_name[iter]),
attr_free_flags);
- if ( rc != 0 ) {
- goto exit;
- }
}
slapi_ch_free((void**)&actual_type_name);
slapi_ch_free((void**)&type_name_disposition);
slapi_ch_free((void**)&values);
+ if ( rc != 0 ) {
+ goto exit;
+ }
} else {
rc = 0;
commit 51bf2d258d097264d1d8c0d344ee40cbca09cc9d
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 09:58:33 2011 -0600
Bug 690584 - #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: make sure to free maxcsn and attributedeletioncsn before they go
out of scope
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index a30bab1..a4a67a6 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -809,6 +809,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int
read_stateinfo )
slapi_entry_free( e );
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
csn_free(&attributedeletioncsn);
+ csn_free(&maxcsn);
return NULL;
}
/* normdn is consumed in e */
@@ -826,6 +827,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int
read_stateinfo )
slapi_entry_free( e );
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
csn_free(&attributedeletioncsn);
+ csn_free(&maxcsn);
return NULL;
}
/* normdn is just referred in slapi_entry_set_rdn. */
@@ -879,6 +881,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int
read_stateinfo )
if ( (flags & SLAPI_STR2ENTRY_NO_ENTRYDN) &&
strcasecmp( type, "entrydn" ) == 0 ) {
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
+ csn_free(&attributedeletioncsn);
continue;
}
@@ -939,6 +942,7 @@ str2entry_dupcheck( const char *rawdn, char *s, int flags, int
read_stateinfo )
/* Something very bad happened */
if (freeval) slapi_ch_free_string(&bvvalue.bv_val);
csn_free(&attributedeletioncsn);
+ csn_free(&maxcsn);
return NULL;
}
for ( i = 0; i < nattrs; i++ )
commit f25fef365df535c154a3cbffbda7317c5766fb38
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 09:41:30 2011 -0600
Bug 690584 - #10655 acllas__handle_group_entry - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10655 acllas__handle_group_entry - fix coverity resource leak issue
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: Make sure n_dn is freed before returning.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c
index 99b0281..e08c70c 100644
--- a/ldap/servers/plugins/acl/acllas.c
+++ b/ldap/servers/plugins/acl/acllas.c
@@ -2376,7 +2376,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
{
struct eval_info *info;
Slapi_Attr *currAttr, *nextAttr;
- char *n_dn, *attrType;
+ char *n_dn = NULL, *attrType;
int n;
int i;
@@ -2415,6 +2415,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
if (n < 0) {
slapi_log_error( SLAPI_LOG_FATAL, plugin_name,
"acllas__handle_group_entry: last member index lu_idx is overflown:%d: Too
many group ACL members\n", n);
+ slapi_ch_free_string(&n_dn);
return 0;
}
if (!(n % ACLLAS_MAX_GRP_MEMBER)) {
@@ -2428,6 +2429,7 @@ acllas__handle_group_entry (Slapi_Entry* e, void *callback_data)
"acllas__handle_group_entry: out of memory - could not allocate space for
%d group members\n",
n + ACLLAS_MAX_GRP_MEMBER );
info->memberInfo = orig_memberInfo;
+ slapi_ch_free_string(&n_dn);
return 0;
}
}
commit 5bbe379e3753b397a13fb0f3a418c90a717a1d7a
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 09:36:47 2011 -0600
Bug 690584 - #10658 linked_attrs_pre_op - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10658 linked_attrs_pre_op - fix coverity resource leak issues
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: just get rid of smods - not used here
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/linkedattrs/linked_attrs.c
b/ldap/servers/plugins/linkedattrs/linked_attrs.c
index 5cfef5d..b69b2cd 100644
--- a/ldap/servers/plugins/linkedattrs/linked_attrs.c
+++ b/ldap/servers/plugins/linkedattrs/linked_attrs.c
@@ -1446,8 +1446,7 @@ linked_attrs_pre_op(Slapi_PBlock * pb, int modop)
{
char *dn = 0;
Slapi_Entry *e = 0;
- Slapi_Mods *smods = 0;
- LDAPMod **mods;
+ LDAPMod **mods = NULL;
int free_entry = 0;
char *errstr = NULL;
int ret = 0;
@@ -1488,14 +1487,11 @@ linked_attrs_pre_op(Slapi_PBlock * pb, int modop)
/* Grab the mods. */
slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &mods);
- smods = slapi_mods_new();
- slapi_mods_init_passin(smods, mods);
-
/* Apply the mods to create the resulting entry. */
if (mods && (slapi_entry_apply_mods(e, mods) != LDAP_SUCCESS)) {
/* The mods don't apply cleanly, so we just let this op go
* to let the main server handle it. */
- goto bailmod;
+ goto bail;
}
}
@@ -1509,14 +1505,6 @@ linked_attrs_pre_op(Slapi_PBlock * pb, int modop)
"linked attribute configuration.");
}
}
-
- bailmod:
- /* Clean up smods. */
- if (LDAP_CHANGETYPE_MODIFY == modop) {
- mods = slapi_mods_get_ldapmods_passout(smods);
- slapi_pblock_set(pb, SLAPI_MODIFY_MODS, mods);
- slapi_mods_free(&smods);
- }
}
bail:
commit b1cebedd1b2de30f7dd2885d57eaec19d445044a
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 09:29:23 2011 -0600
Bug 690584 - #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: I didn't quite follow the logic, but it looked as though
maxvals and purgevals could have been re-malloced if the code allocated
them and went through the loop more than once. So I changed the code to
just realloc as needed (realloc NULL is the same as malloc). When building
maxvals and purgevals, always NULL terminate the list so we don't have to
do that later. Finally, I moved the code that cleaned up maxvals and
purgevals to the end of the function so that they will always be called.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/replication/cl5_api.c
b/ldap/servers/plugins/replication/cl5_api.c
index ea47d77..88085e1 100644
--- a/ldap/servers/plugins/replication/cl5_api.c
+++ b/ldap/servers/plugins/replication/cl5_api.c
@@ -883,8 +883,8 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object
**replicas)
struct berval **maxvals = NULL;
int purgeidx = 0;
int maxidx = 0;
- int maxpurgesz = 8;
- int maxmaxsz = 8;
+ int maxpurgesz = 0;
+ int maxmaxsz = 0;
int entryCount = 0;
/* validate params */
@@ -989,26 +989,31 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object
**replicas)
struct berval type, value;
int freeval = 0;
- purgevals = (struct berval **)slapi_ch_malloc(
- sizeof(struct berval *) * maxpurgesz);
- maxvals = (struct berval **)slapi_ch_malloc(
- sizeof(struct berval *) * maxmaxsz);
while ((line = ldif_getline(&next)) != NULL) {
rc = slapi_ldif_parse_line(line, &type, &value, &freeval);
/* ruv_dump (dbfile->purgeRUV, "clpurgeruv", prFile); */
if (0 == strcasecmp (type.bv_val, "clpurgeruv")) {
- if (maxpurgesz == purgeidx + 2) {
- maxpurgesz *= 2;
+ if (maxpurgesz < purgeidx + 2) {
+ if (!maxpurgesz) {
+ maxpurgesz = 4 * (purgeidx + 2);
+ } else {
+ maxpurgesz *= 2;
+ }
purgevals = (struct berval **)slapi_ch_realloc(
(char *)purgevals,
sizeof(struct berval *) * maxpurgesz);
}
purgevals[purgeidx++] = slapi_ch_bvdup(&value);
+ purgevals[purgeidx] = NULL; /* make sure NULL terminated */
}
/* ruv_dump (dbfile->maxRUV, "clmaxruv", prFile); */
else if (0 == strcasecmp (type.bv_val, "clmaxruv")) {
- if (maxmaxsz == maxidx + 2) {
- maxmaxsz *= 2;
+ if (maxmaxsz < maxidx + 2) {
+ if (!maxmaxsz) {
+ maxmaxsz = 4 * (maxidx + 2);
+ } else {
+ maxmaxsz *= 2;
+ }
maxvals = (struct berval **)slapi_ch_realloc(
(char *)maxvals,
sizeof(struct berval *) * maxmaxsz);
@@ -1016,6 +1021,7 @@ cl5ImportLDIF (const char *clDir, const char *ldifFile, Object
**replicas)
/* {replica #} min_csn csn [last_modified] */
/* get rid of last_modified, if any */
maxvals[maxidx++] = slapi_ch_bvdup(&value);
+ maxvals[maxidx] = NULL; /* make sure NULL terminated */
}
if (freeval) {
slapi_ch_free_string(&value.bv_val);
@@ -1096,24 +1102,13 @@ next:
if (dbfile) {
if (purgeidx > 0) {
ruv_destroy (&dbfile->purgeRUV);
- purgevals[purgeidx] = NULL;
rc = ruv_init_from_bervals(purgevals, &dbfile->purgeRUV);
}
if (maxidx > 0) {
ruv_destroy (&dbfile->maxRUV);
- maxvals[maxidx] = NULL;
rc = ruv_init_from_bervals(maxvals, &dbfile->maxRUV);
}
- for (purgeidx = 0; purgevals && purgevals[purgeidx]; purgeidx++) {
- slapi_ch_bvfree(&purgevals[purgeidx]);
- }
- slapi_ch_free((void **)&purgevals);
- for (maxidx = 0; maxvals && maxvals[maxidx]; maxidx++) {
- slapi_ch_bvfree(&maxvals[maxidx]);
- }
- slapi_ch_free((void **)&maxvals);
-
dbfile->entryCount = entryCount;
}
if (file_obj) {
@@ -1121,6 +1116,15 @@ next:
}
done:
+ for (purgeidx = 0; purgevals && purgevals[purgeidx]; purgeidx++) {
+ slapi_ch_bvfree(&purgevals[purgeidx]);
+ }
+ slapi_ch_free((void **)&purgevals);
+ for (maxidx = 0; maxvals && maxvals[maxidx]; maxidx++) {
+ slapi_ch_bvfree(&maxvals[maxidx]);
+ }
+ slapi_ch_free((void **)&maxvals);
+
if (file) {
#if defined(USE_OPENLDAP)
ldif_close(file);
commit 909150899c5262b64af5b5a4b6935a98f8593ece
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 08:52:32 2011 -0600
Bug 690584 - #10688 - dblayer_make_env - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10688 - dblayer_make_env - fix coverity resource leak issues
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: do not return upon failure, goto fail instead. The fail
condition will clean up any memory allocated in the function. I had to
move dblayer_free_env to before dblayer_make_env.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c
b/ldap/servers/slapd/back-ldbm/dblayer.c
index 534abfe..363c62d 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -1180,6 +1180,20 @@ dblayer_inst_exists(ldbm_instance *inst, char *dbname)
return 0;
}
+static void
+dblayer_free_env(struct dblayer_private_env **env)
+{
+ if (NULL == env || NULL == *env) {
+ return;
+ }
+ if ((*env)->dblayer_env_lock) {
+ PR_DestroyRWLock((*env)->dblayer_env_lock);
+ (*env)->dblayer_env_lock = NULL;
+ }
+ slapi_ch_free((void **)env);
+ return;
+}
+
/*
* create a new DB_ENV and fill it with the goodies from dblayer_private
*/
@@ -1206,8 +1220,9 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo
*li)
/* Here we overide various system functions called by libdb */
ret = dblayer_override_libdb_functions(pEnv->dblayer_DB_ENV, priv);
- if (ret != 0)
- return ret;
+ if (ret != 0) {
+ goto fail;
+ }
if (priv->dblayer_spin_count != 0) {
DB_ENV_SET_TAS_SPINS(pEnv->dblayer_DB_ENV, priv->dblayer_spin_count);
@@ -1252,27 +1267,23 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo
*li)
if (pEnv->dblayer_env_lock) {
*env = pEnv;
+ pEnv = NULL; /* do not free below */
} else {
LDAPDebug(LDAP_DEBUG_ANY,
"ERROR -- Failed to create RWLock (returned: %d).\n",
ret, 0, 0);
}
- return ret;
-}
-
-static void
-dblayer_free_env(struct dblayer_private_env **env)
-{
- if (NULL == env || NULL == *env) {
- return;
- }
- if ((*env)->dblayer_env_lock) {
- PR_DestroyRWLock((*env)->dblayer_env_lock);
- (*env)->dblayer_env_lock = NULL;
+fail:
+ if (pEnv) {
+ slapi_ch_array_free(priv->dblayer_data_directories);
+ priv->dblayer_data_directories = NULL;
+ if (pEnv->dblayer_DB_ENV) {
+ pEnv->dblayer_DB_ENV->close(pEnv->dblayer_DB_ENV, 0);
+ }
+ dblayer_free_env(&pEnv); /* pEnv is now garbage */
}
- slapi_ch_free((void **)env);
- return;
+ return ret;
}
/* generate an absolute path if the given instance dir is not. */
commit e99c735d37b2cec59d46bd270f661b13385cfcdd
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 08:27:52 2011 -0600
Bug 690584 - #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource leak
issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource
leak issues
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: always free token and personality at the end of the function
- set personality to NULL if the memory was passed off to cert_name.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
index f700434..f0ef692 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
@@ -161,13 +161,14 @@ attrcrypt_get_ssl_cert_name(char **cert_name)
if(!strcasecmp(token, "internal") ||
!strcasecmp(token, "internal (software)")) {
*cert_name = personality;
+ personality = NULL; /* do not free below */
} else {
/* external PKCS #11 token - attach token name */
*cert_name = slapi_ch_smprintf("%s:%s", token, personality);
- slapi_ch_free_string(&personality);
}
- slapi_ch_free_string(&token);
}
+ slapi_ch_free_string(&personality);
+ slapi_ch_free_string(&token);
freeConfigEntry(&config_entry);
return 0;
}
commit 5b44581e0bee31cd455bbfe0f7cb109e7e7b25f8
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Mar 25 08:17:38 2011 -0600
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
https://bugzilla.redhat.com/show_bug.cgi?id=690584
Resolves: bug 690584
Bug Description: #10691 ldbm_back_init() - fix coverity resource leak issues
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: do not return (or exit!) from ldbm_back_init() - just goto
fail and clean up the ldbm_instance upon error.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/back-ldbm/init.c b/ldap/servers/slapd/back-ldbm/init.c
index c645444..19e6ab6 100644
--- a/ldap/servers/slapd/back-ldbm/init.c
+++ b/ldap/servers/slapd/back-ldbm/init.c
@@ -123,7 +123,7 @@ ldbm_back_init( Slapi_PBlock *pb )
/* initialize dblayer */
if (dblayer_init(li)) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: dblayer_init failed\n",0, 0, 0
);
- return (-1);
+ goto fail;
}
/* Fill in the fields of the ldbminfo and the dblayer_private
@@ -138,7 +138,7 @@ ldbm_back_init( Slapi_PBlock *pb )
&li->li_bulk_import_object, &li->li_bulk_import_handle) != 0)
{
LDAPDebug(LDAP_DEBUG_ANY, "ldbm_back_init: "
"slapi_register_object_extension failed.\n", 0, 0, 0);
- return (-1);
+ goto fail;
}
/* add some private attributes */
@@ -150,24 +150,24 @@ ldbm_back_init( Slapi_PBlock *pb )
if ((li->li_dbcache_mutex = PR_NewLock()) == NULL ) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: PR_NewLock failed\n",
0, 0, 0 );
- return(-1);
+ goto fail;
}
if ((li->li_shutdown_mutex = PR_NewLock()) == NULL ) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: PR_NewLock failed\n",
0, 0, 0 );
- return(-1);
+ goto fail;
}
if ((li->li_config_mutex = PR_NewLock()) == NULL ) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: PR_NewLock failed\n",
0, 0, 0 );
- return(-1);
+ goto fail;
}
if ((li->li_dbcache_cv = PR_NewCondVar( li->li_dbcache_mutex )) == NULL ) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: PR_NewCondVar
failed\n", 0, 0, 0 );
- exit(-1);
+ goto fail;
}
/* set all of the necessary database plugin callback functions */
@@ -255,7 +255,7 @@ ldbm_back_init( Slapi_PBlock *pb )
if ( rc != 0 ) {
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init failed\n", 0, 0, 0 );
- return( -1 );
+ goto fail;
}
/* register the IDL interface with the API broker */
@@ -268,7 +268,7 @@ ldbm_back_init( Slapi_PBlock *pb )
if( slapi_apib_register(IDL_v1_0_GUID, IDL_api) )
{
LDAPDebug( LDAP_DEBUG_ANY, "ldbm_back_init: failed to publish IDL
interface\n", 0, 0, 0);
- return( -1 );
+ goto fail;
}
interface_published = 1;
@@ -277,6 +277,10 @@ ldbm_back_init( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE, "<= ldbm_back_init\n", 0, 0, 0 );
return( 0 );
+
+fail:
+ dblayer_terminate( li );
+ return( -1 );
}