|
 |
dc8c34 |
From 73760f92c1b3e40db5f511e4bc45569816bdf386 Mon Sep 17 00:00:00 2001
|
|
|
dc8c34 |
From: Mark Reynolds <mreynolds@redhat.com>
|
|
|
dc8c34 |
Date: Thu, 13 Mar 2014 14:07:49 -0400
|
|
|
dc8c34 |
Subject: [PATCH 184/225] Ticket 47740 - Fix coverity issues - Part 5
|
|
|
dc8c34 |
|
|
|
dc8c34 |
12494 - resource leak - /ldap/servers/slapd/saslbind.c
|
|
|
dc8c34 |
12487 - resource leak - /ldap/servers/plugins/replication/urp.c
|
|
|
dc8c34 |
12486 - resource leak - /ldap/servers/plugins/acl/acleffectiverights.c
|
|
|
dc8c34 |
12480 - resource leak - lib/ldaputil/certmap.c
|
|
|
dc8c34 |
12478 - resource leak - lib/ldaputil/certmap.c
|
|
|
dc8c34 |
12477 - resource leak - lib/ldaputil/certmap.c
|
|
|
dc8c34 |
|
|
|
dc8c34 |
https://fedorahosted.org/389/ticket/47740
|
|
|
dc8c34 |
|
|
|
dc8c34 |
Reviewed by: rmeggins(Thanks!)
|
|
|
dc8c34 |
(cherry picked from commit eb10369878df49fdd8a5ff572a6ebeee1716dac5)
|
|
|
dc8c34 |
(cherry picked from commit 1c552d56116cb6124d91773fa539a94033dbec1a)
|
|
|
dc8c34 |
---
|
|
|
dc8c34 |
ldap/servers/plugins/acl/acleffectiverights.c | 1 +
|
|
|
dc8c34 |
ldap/servers/plugins/replication/urp.c | 1 +
|
|
|
dc8c34 |
ldap/servers/slapd/saslbind.c | 2 +-
|
|
|
dc8c34 |
lib/ldaputil/certmap.c | 152 +++++++++++++-------------
|
|
|
dc8c34 |
4 files changed, 77 insertions(+), 79 deletions(-)
|
|
|
dc8c34 |
|
|
|
dc8c34 |
diff --git a/ldap/servers/plugins/acl/acleffectiverights.c b/ldap/servers/plugins/acl/acleffectiverights.c
|
|
|
dc8c34 |
index 380dd74..53e4755 100644
|
|
|
dc8c34 |
--- a/ldap/servers/plugins/acl/acleffectiverights.c
|
|
|
dc8c34 |
+++ b/ldap/servers/plugins/acl/acleffectiverights.c
|
|
|
dc8c34 |
@@ -130,6 +130,7 @@ _ger_g_permission_granted (
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
+ slapi_ch_free_string(&proxydn); /* this could still have been set - free it */
|
|
|
dc8c34 |
requestor_sdn = &(pb->pb_op->o_sdn);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
if ( slapi_sdn_get_dn (requestor_sdn) == NULL )
|
|
|
dc8c34 |
diff --git a/ldap/servers/plugins/replication/urp.c b/ldap/servers/plugins/replication/urp.c
|
|
|
dc8c34 |
index e236541..9787ff7 100644
|
|
|
dc8c34 |
--- a/ldap/servers/plugins/replication/urp.c
|
|
|
dc8c34 |
+++ b/ldap/servers/plugins/replication/urp.c
|
|
|
dc8c34 |
@@ -1248,6 +1248,7 @@ get_dn_plus_uniqueid(char *sessionid, const Slapi_DN *oldsdn, const char *unique
|
|
|
dc8c34 |
char *parentdn = slapi_dn_parent(slapi_sdn_get_dn(oldsdn));
|
|
|
dc8c34 |
slapi_rdn_add(rdn, SLAPI_ATTR_UNIQUEID, uniqueid);
|
|
|
dc8c34 |
newdn = slapi_ch_smprintf("%s,%s", slapi_rdn_get_rdn(rdn), parentdn);
|
|
|
dc8c34 |
+ slapi_ch_free_string(&parentdn);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
slapi_rdn_free(&rdn;;
|
|
|
dc8c34 |
return newdn;
|
|
|
dc8c34 |
diff --git a/ldap/servers/slapd/saslbind.c b/ldap/servers/slapd/saslbind.c
|
|
|
dc8c34 |
index a5db020..eb814a2 100644
|
|
|
dc8c34 |
--- a/ldap/servers/slapd/saslbind.c
|
|
|
dc8c34 |
+++ b/ldap/servers/slapd/saslbind.c
|
|
|
dc8c34 |
@@ -498,7 +498,7 @@ static int ids_sasl_getpluginpath(sasl_conn_t *conn, const char **path)
|
|
|
dc8c34 |
* 64-bit Linux machines, and /usr/lib/sasl2 on all other platforms.
|
|
|
dc8c34 |
*/
|
|
|
dc8c34 |
char *pluginpath = config_get_saslpath();
|
|
|
dc8c34 |
- if ((!pluginpath) || (*pluginpath == '\0')) {
|
|
|
dc8c34 |
+ if (!pluginpath) {
|
|
|
dc8c34 |
if (!(pluginpath = getenv("SASL_PATH"))) {
|
|
|
dc8c34 |
#if defined(LINUX) && defined(__LP64__)
|
|
|
dc8c34 |
pluginpath = "/usr/lib64/sasl2";
|
|
|
dc8c34 |
diff --git a/lib/ldaputil/certmap.c b/lib/ldaputil/certmap.c
|
|
|
dc8c34 |
index e27633c..aa5bafa 100644
|
|
|
dc8c34 |
--- a/lib/ldaputil/certmap.c
|
|
|
dc8c34 |
+++ b/lib/ldaputil/certmap.c
|
|
|
dc8c34 |
@@ -500,13 +500,13 @@ static int process_certinfo (LDAPUCertMapInfo_t *certinfo)
|
|
|
dc8c34 |
char *searchAttr = 0;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (!ldapu_strcasecmp(certinfo->issuerName, "default")) {
|
|
|
dc8c34 |
- default_certmap_info = certinfo;
|
|
|
dc8c34 |
+ default_certmap_info = certinfo;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (!certinfo->issuerDN) {
|
|
|
dc8c34 |
- return LDAPU_ERR_NO_ISSUERDN_IN_CONFIG_FILE;
|
|
|
dc8c34 |
+ return LDAPU_ERR_NO_ISSUERDN_IN_CONFIG_FILE;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else {
|
|
|
dc8c34 |
- rv = ldapu_list_add_info(certmap_listinfo, certinfo);
|
|
|
dc8c34 |
+ rv = ldapu_list_add_info(certmap_listinfo, certinfo);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
@@ -515,21 +515,21 @@ static int process_certinfo (LDAPUCertMapInfo_t *certinfo)
|
|
|
dc8c34 |
rv = ldapu_certmap_info_attrval (certinfo, LDAPU_ATTR_DNCOMPS, &dncomps);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv == LDAPU_SUCCESS && dncomps) {
|
|
|
dc8c34 |
- certinfo->dncompsState = COMPS_HAS_ATTRS;
|
|
|
dc8c34 |
- tolower_string(dncomps);
|
|
|
dc8c34 |
+ certinfo->dncompsState = COMPS_HAS_ATTRS;
|
|
|
dc8c34 |
+ tolower_string(dncomps);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (rv == LDAPU_FAILED) {
|
|
|
dc8c34 |
- certinfo->dncompsState = COMPS_COMMENTED_OUT;
|
|
|
dc8c34 |
- rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ certinfo->dncompsState = COMPS_COMMENTED_OUT;
|
|
|
dc8c34 |
+ rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (rv == LDAPU_SUCCESS && !dncomps) {
|
|
|
dc8c34 |
- certinfo->dncompsState = COMPS_EMPTY;
|
|
|
dc8c34 |
- dncomps = ""; /* present but empty */
|
|
|
dc8c34 |
+ certinfo->dncompsState = COMPS_EMPTY;
|
|
|
dc8c34 |
+ dncomps = ""; /* present but empty */
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
rv = parse_into_bitmask (dncomps, &certinfo->dncomps, -1);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (dncomps && *dncomps) free(dncomps);
|
|
|
dc8c34 |
+ free(dncomps); dncomps = NULL;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -538,21 +538,21 @@ static int process_certinfo (LDAPUCertMapInfo_t *certinfo)
|
|
|
dc8c34 |
&filtercomps);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv == LDAPU_SUCCESS && filtercomps) {
|
|
|
dc8c34 |
- certinfo->filtercompsState = COMPS_HAS_ATTRS;
|
|
|
dc8c34 |
- tolower_string(filtercomps);
|
|
|
dc8c34 |
+ certinfo->filtercompsState = COMPS_HAS_ATTRS;
|
|
|
dc8c34 |
+ tolower_string(filtercomps);
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (rv == LDAPU_FAILED) {
|
|
|
dc8c34 |
- certinfo->filtercompsState = COMPS_COMMENTED_OUT;
|
|
|
dc8c34 |
- rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ certinfo->filtercompsState = COMPS_COMMENTED_OUT;
|
|
|
dc8c34 |
+ rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (rv == LDAPU_SUCCESS && !filtercomps) {
|
|
|
dc8c34 |
- certinfo->filtercompsState = COMPS_EMPTY;
|
|
|
dc8c34 |
- filtercomps = ""; /* present but empty */
|
|
|
dc8c34 |
+ certinfo->filtercompsState = COMPS_EMPTY;
|
|
|
dc8c34 |
+ filtercomps = ""; /* present but empty */
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
rv = parse_into_bitmask (filtercomps, &certinfo->filtercomps, 0);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (filtercomps && *filtercomps) free(filtercomps);
|
|
|
dc8c34 |
+ if (filtercomps) free(filtercomps);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
@@ -560,15 +560,15 @@ static int process_certinfo (LDAPUCertMapInfo_t *certinfo)
|
|
|
dc8c34 |
rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_CERTMAP_LDAP_ATTR,
|
|
|
dc8c34 |
&searchAttr);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (rv == LDAPU_FAILED || !searchAttr || !*searchAttr)
|
|
|
dc8c34 |
- rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
- else {
|
|
|
dc8c34 |
- certinfo->searchAttr = searchAttr ? strdup(searchAttr) : 0;
|
|
|
dc8c34 |
+ if (rv == LDAPU_FAILED || !searchAttr){
|
|
|
dc8c34 |
+ rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ certinfo->searchAttr = searchAttr;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (searchAttr && !certinfo->searchAttr)
|
|
|
dc8c34 |
- rv = LDAPU_ERR_OUT_OF_MEMORY;
|
|
|
dc8c34 |
- else
|
|
|
dc8c34 |
- rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ if (searchAttr && !certinfo->searchAttr)
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_OUT_OF_MEMORY;
|
|
|
dc8c34 |
+ else
|
|
|
dc8c34 |
+ rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
@@ -578,73 +578,69 @@ static int process_certinfo (LDAPUCertMapInfo_t *certinfo)
|
|
|
dc8c34 |
rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_VERIFYCERT, &verify);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv == LDAPU_SUCCESS) {
|
|
|
dc8c34 |
- if (!ldapu_strcasecmp(verify, "on"))
|
|
|
dc8c34 |
- certinfo->verifyCert = 1;
|
|
|
dc8c34 |
- else if (!ldapu_strcasecmp(verify, "off"))
|
|
|
dc8c34 |
- certinfo->verifyCert = 0;
|
|
|
dc8c34 |
- else if (!verify || !*verify) /* for mail/news backward compatibilty */
|
|
|
dc8c34 |
- certinfo->verifyCert = 1; /* otherwise, this should be an error */
|
|
|
dc8c34 |
- else
|
|
|
dc8c34 |
- rv = LDAPU_ERR_MISSING_VERIFYCERT_VAL;
|
|
|
dc8c34 |
+ if (!ldapu_strcasecmp(verify, "on"))
|
|
|
dc8c34 |
+ certinfo->verifyCert = 1;
|
|
|
dc8c34 |
+ else if (!ldapu_strcasecmp(verify, "off"))
|
|
|
dc8c34 |
+ certinfo->verifyCert = 0;
|
|
|
dc8c34 |
+ else if (!verify || !*verify) /* for mail/news backward compatibilty */
|
|
|
dc8c34 |
+ certinfo->verifyCert = 1; /* otherwise, this should be an error */
|
|
|
dc8c34 |
+ else
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_MISSING_VERIFYCERT_VAL;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
else if (rv == LDAPU_FAILED) rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (verify && *verify) free(verify);
|
|
|
dc8c34 |
+ if (verify) free(verify);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
{
|
|
|
dc8c34 |
- PRLibrary *lib = 0;
|
|
|
dc8c34 |
+ PRLibrary *lib = 0;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- /* look for the library property and load it */
|
|
|
dc8c34 |
- rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_LIBRARY, &libname);
|
|
|
dc8c34 |
+ /* look for the library property and load it */
|
|
|
dc8c34 |
+ rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_LIBRARY, &libname);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (rv == LDAPU_SUCCESS) {
|
|
|
dc8c34 |
- if (libname && *libname) {
|
|
|
dc8c34 |
- lib = PR_LoadLibrary(libname);
|
|
|
dc8c34 |
- if (!lib) rv = LDAPU_ERR_UNABLE_TO_LOAD_PLUGIN;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else {
|
|
|
dc8c34 |
- rv = LDAPU_ERR_MISSING_LIBNAME;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else if (rv == LDAPU_FAILED) rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ if (rv == LDAPU_SUCCESS) {
|
|
|
dc8c34 |
+ if (libname && *libname) {
|
|
|
dc8c34 |
+ lib = PR_LoadLibrary(libname);
|
|
|
dc8c34 |
+ if (!lib) rv = LDAPU_ERR_UNABLE_TO_LOAD_PLUGIN;
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_MISSING_LIBNAME;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ } else if (rv == LDAPU_FAILED) rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (libname) free(libname);
|
|
|
dc8c34 |
- if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
+ if (libname) free(libname);
|
|
|
dc8c34 |
+ if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- /* look for the InitFn property, find it in the libray and call it */
|
|
|
dc8c34 |
- rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_INITFN, &fname);
|
|
|
dc8c34 |
+ /* look for the InitFn property, find it in the libray and call it */
|
|
|
dc8c34 |
+ rv = ldapu_certmap_info_attrval(certinfo, LDAPU_ATTR_INITFN, &fname);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (rv == LDAPU_SUCCESS) {
|
|
|
dc8c34 |
- if (fname && *fname) {
|
|
|
dc8c34 |
- /* If lib is NULL, PR_FindSymbol will search all libs loaded
|
|
|
dc8c34 |
- * through PR_LoadLibrary.
|
|
|
dc8c34 |
- */
|
|
|
dc8c34 |
- CertMapInitFn_t fn = (CertMapInitFn_t)PR_FindSymbol(lib, fname);
|
|
|
dc8c34 |
+ if (rv == LDAPU_SUCCESS) {
|
|
|
dc8c34 |
+ if (fname && *fname) {
|
|
|
dc8c34 |
+ /* If lib is NULL, PR_FindSymbol will search all libs loaded
|
|
|
dc8c34 |
+ * through PR_LoadLibrary.
|
|
|
dc8c34 |
+ */
|
|
|
dc8c34 |
+ CertMapInitFn_t fn = (CertMapInitFn_t)PR_FindSymbol(lib, fname);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (!fn) {
|
|
|
dc8c34 |
- rv = LDAPU_ERR_MISSING_INIT_FN_IN_LIB;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else {
|
|
|
dc8c34 |
- rv = (*fn)(certinfo, certinfo->issuerName,
|
|
|
dc8c34 |
- certinfo->issuerDN, this_dllname);
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else {
|
|
|
dc8c34 |
- rv = LDAPU_ERR_MISSING_INIT_FN_NAME;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else if (lib) {
|
|
|
dc8c34 |
- /* If library is specified, init function must be specified */
|
|
|
dc8c34 |
- /* If init fn is specified, library may not be specified */
|
|
|
dc8c34 |
- rv = LDAPU_ERR_MISSING_INIT_FN_IN_CONFIG;
|
|
|
dc8c34 |
- }
|
|
|
dc8c34 |
- else if (rv == LDAPU_FAILED) rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
-
|
|
|
dc8c34 |
- if (fname) free(fname);
|
|
|
dc8c34 |
+ if (!fn) {
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_MISSING_INIT_FN_IN_LIB;
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ rv = (*fn)(certinfo, certinfo->issuerName,
|
|
|
dc8c34 |
+ certinfo->issuerDN, this_dllname);
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ } else {
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_MISSING_INIT_FN_NAME;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+ } else if (lib) {
|
|
|
dc8c34 |
+ /* If library is specified, init function must be specified */
|
|
|
dc8c34 |
+ /* If init fn is specified, library may not be specified */
|
|
|
dc8c34 |
+ rv = LDAPU_ERR_MISSING_INIT_FN_IN_CONFIG;
|
|
|
dc8c34 |
+ } else if (rv == LDAPU_FAILED){
|
|
|
dc8c34 |
+ rv = LDAPU_SUCCESS;
|
|
|
dc8c34 |
+ }
|
|
|
dc8c34 |
+
|
|
|
dc8c34 |
+ if (fname) free(fname);
|
|
|
dc8c34 |
|
|
|
dc8c34 |
- if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
+ if (rv != LDAPU_SUCCESS) return rv;
|
|
|
dc8c34 |
}
|
|
|
dc8c34 |
|
|
|
dc8c34 |
return rv;
|
|
|
dc8c34 |
--
|
|
|
dc8c34 |
1.8.1.4
|
|
|
dc8c34 |
|