From 6bc7e9a2ffc09f235d60cd31ed610b62b0d47799 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 24 Mar 2014 19:05:36 -0700
Subject: [PATCH 191/225] Ticket 47740 - Fix coverity issues(part 7)
12496 - resource leak - ldap/servers/slapd/mapping_tree.c
12497 - resource leak - ldap/servers/slapd/mapping_tree.c
12500 - resource leak - ldap/servers/plugins/chainingdb/cb_instance.c
12501 - resource leak - ldap/servers/plugins/sync/sync_refresh.c
12506 - resource leak - ldap/servers/plugins/chainingdb/cb_config.c
12509 - reosurce leak - ldap/servers/plugins/chainingdb/cb_bind.c
12510 - reosurce leak - lib/ldaputil/certmap.c
12538 - resource leak - ldap/servers/plugins/mep/mep.c
12539 - resource leak - ldap/servers/plugins/posix-winsync/posix-winsync.c
12540 - resource leak - ldap/servers/plugins/posix-winsync/posix-winsync.c
12541 - resource leak - ldap/servers/plugins/posix-winsync/posix-winsync.c
12542 - resource leak - ldap/servers/plugins/posix-winsync/posix-winsync.c
https://fedorahosted.org/389/ticket/47740
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 99609ceebad3bfb1926065ca4c0337847ccf38dd)
(cherry picked from commit 1ed422213cd8b8d7adbcf5ec35a0e3a7b2e14328)
---
ldap/servers/plugins/chainingdb/cb_bind.c | 43 +++----
ldap/servers/plugins/chainingdb/cb_config.c | 175 ++++++++++++++------------
ldap/servers/plugins/chainingdb/cb_instance.c | 2 +-
ldap/servers/plugins/mep/mep.c | 1 +
ldap/servers/slapd/mapping_tree.c | 13 +-
lib/ldaputil/certmap.c | 4 +-
6 files changed, 125 insertions(+), 113 deletions(-)
diff --git a/ldap/servers/plugins/chainingdb/cb_bind.c b/ldap/servers/plugins/chainingdb/cb_bind.c
index 7c22931..827916e 100644
--- a/ldap/servers/plugins/chainingdb/cb_bind.c
+++ b/ldap/servers/plugins/chainingdb/cb_bind.c
@@ -230,29 +230,27 @@ release_and_return:
int
chainingdb_bind( Slapi_PBlock *pb )
{
-
- int status=LDAP_SUCCESS;
- int allocated_errmsg;
- int rc=LDAP_SUCCESS;
- cb_backend_instance *cb;
- Slapi_Backend *be;
- const char *dn = NULL;
- Slapi_DN *sdn = NULL;
- Slapi_DN *mysdn = NULL;
- int method;
- struct berval *creds, **urls;
- char *matcheddn,*errmsg;
- LDAPControl **reqctrls, **resctrls, **ctrls;
- char * mechanism;
- int freectrls=1;
- int bind_retry;
+ cb_backend_instance *cb;
+ Slapi_Backend *be;
+ struct berval *creds = NULL, **urls = NULL;
+ const char *dn = NULL;
+ Slapi_DN *sdn = NULL;
+ Slapi_DN *mysdn = NULL;
+ char *matcheddn = NULL, *errmsg = NULL;
+ LDAPControl **reqctrls = NULL, **resctrls = NULL, **ctrls = NULL;
+ char *mechanism = NULL;
+ int status=LDAP_SUCCESS;
+ int allocated_errmsg = 0;
+ int rc = LDAP_SUCCESS;
+ int freectrls = 1;
+ int bind_retry;
+ int method;
if ( LDAP_SUCCESS != (rc = cb_forward_operation(pb) )) {
cb_send_ldap_result( pb, rc, NULL, "Chaining forbidden", 0, NULL );
return SLAPI_BIND_FAIL;
}
- ctrls=NULL;
/* don't add proxy auth control. use this call to check for supported */
/* controls only. */
if ( LDAP_SUCCESS != ( rc = cb_update_controls( pb, NULL, &ctrls, 0 )) ) {
@@ -285,11 +283,6 @@ chainingdb_bind( Slapi_PBlock *pb )
cb_update_monitor_info(pb,cb,SLAPI_OPERATION_BIND);
- matcheddn=errmsg=NULL;
- allocated_errmsg = 0;
- resctrls=NULL;
- urls=NULL;
-
/* Check wether the chaining BE is available or not */
if ( cb_check_availability( cb, pb ) == FARMSERVER_UNAVAILABLE ){
slapi_sdn_free(&mysdn);
@@ -313,12 +306,14 @@ chainingdb_bind( Slapi_PBlock *pb )
cb_ping_farm(cb,NULL,0);
}
rc = LDAP_OPERATIONS_ERROR;
+ } else {
+ allocated_errmsg = 1;
}
if ( rc != LDAP_USER_CANCELLED ) { /* not abandoned */
if ( resctrls != NULL ) {
slapi_pblock_set( pb, SLAPI_RESCONTROLS, resctrls );
- freectrls=0;
+ freectrls = 0;
}
if ( rc != LDAP_SUCCESS ) {
@@ -332,7 +327,7 @@ chainingdb_bind( Slapi_PBlock *pb )
if ( freectrls && ( resctrls != NULL )) {
ldap_controls_free( resctrls );
}
- slapi_ch_free((void **)& matcheddn );
+ slapi_ch_free_string(&matcheddn);
if ( allocated_errmsg ) {
slapi_ch_free_string(&errmsg);
}
diff --git a/ldap/servers/plugins/chainingdb/cb_config.c b/ldap/servers/plugins/chainingdb/cb_config.c
index d05470c..7cbd7ba 100644
--- a/ldap/servers/plugins/chainingdb/cb_config.c
+++ b/ldap/servers/plugins/chainingdb/cb_config.c
@@ -404,23 +404,23 @@ int
cb_config_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* e, int *returncode,
char *returntext, void *arg)
{
- LDAPMod **mods;
+ LDAPMod **mods;
char *attr_name;
int i,j;
- cb_backend *cb = (cb_backend *) arg;
+ cb_backend *cb = (cb_backend *) arg;
CB_ASSERT (cb!=NULL);
- slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
+ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods );
- for (i = 0; mods[i] ; i++) {
+ for (i = 0; mods[i] ; i++) {
attr_name = mods[i]->mod_type;
- if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_FORWARD_CTRLS )) {
+ if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_FORWARD_CTRLS )) {
char * config_attr_value;
int done=0;
- for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
- config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
+ for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
+ config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
if (!cb_is_control_forwardable(cb,config_attr_value)) {
slapi_log_error(SLAPI_LOG_PLUGIN,CB_PLUGIN_SUBSYSTEM,
"control %s can't be forwarded.\n",config_attr_value);
@@ -428,100 +428,111 @@ cb_config_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
return SLAPI_DSE_CALLBACK_ERROR;
}
- if (SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
+ if(SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
if (!done) {
cb_unregister_all_supported_control(cb);
done=1;
}
cb_register_supported_control(cb,config_attr_value,0);
- } else
+ } else {
if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
- cb_register_supported_control(cb,config_attr_value,0);
- } else
- if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
- cb_unregister_supported_control(cb,config_attr_value,0);
+ cb_register_supported_control(cb,config_attr_value,0);
+ } else {
+ if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
+ cb_unregister_supported_control(cb,config_attr_value,0);
+ }
+ }
}
}
- if (NULL == mods[i]->mod_bvalues)
+ if (NULL == mods[i]->mod_bvalues){
cb_unregister_all_supported_control(cb);
- } else
- if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_DEBUG )) {
- /* assume single-valued */
- if (mods[i]->mod_op & LDAP_MOD_DELETE)
- cb_set_debug(0);
- else if (SLAPI_IS_MOD_ADD(mods[i]->mod_op))
- cb_set_debug(1);
- } else
- if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_CHAINING_COMPONENTS )) {
- char * config_attr_value;
- int done=0;
-
- slapi_rwlock_wrlock(cb->config.rwl_config_lock);
-
- for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
- config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
- if (SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
- if (!done) {
- charray_free(cb->config.chaining_components);
- cb->config.chaining_components=NULL;
- done=1;
- }
- /* XXXSD assume dn. Normalize it */
- charray_add(&cb->config.chaining_components,
- slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
- } else
- if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
- charray_add(&cb->config.chaining_components,
- slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
- } else
- if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
- charray_remove(cb->config.chaining_components,
- slapi_dn_normalize(slapi_ch_strdup(config_attr_value)),
- 0 /* freeit */);
- }
- }
- if (NULL == mods[i]->mod_bvalues) {
- charray_free(cb->config.chaining_components);
- cb->config.chaining_components=NULL;
}
+ } else {
+ if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_DEBUG )) {
+ /* assume single-valued */
+ if (mods[i]->mod_op & LDAP_MOD_DELETE){
+ cb_set_debug(0);
+ } else if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
+ cb_set_debug(1);
+ }
+ } else {
+ if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_CHAINING_COMPONENTS )) {
+ char * config_attr_value;
+ int done=0;
+
+ slapi_rwlock_wrlock(cb->config.rwl_config_lock);
+
+ for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
+ config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
+ if (SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
+ if (!done) {
+ charray_free(cb->config.chaining_components);
+ cb->config.chaining_components=NULL;
+ done=1;
+ }
+ /* XXXSD assume dn. Normalize it */
+ charray_add(&cb->config.chaining_components,
+ slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
+ } else {
+ if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
+ charray_add(&cb->config.chaining_components,
+ slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
+ } else {
+ if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
+ char *remove_val = slapi_ch_strdup(config_attr_value);
+ charray_remove(cb->config.chaining_components,
+ slapi_dn_normalize(remove_val), 0 /* freeit */);
+ slapi_ch_free_string(&remove_val);
+ }
+ }
+ }
+ }
+ if (NULL == mods[i]->mod_bvalues) {
+ charray_free(cb->config.chaining_components);
+ cb->config.chaining_components=NULL;
+ }
- slapi_rwlock_unlock(cb->config.rwl_config_lock);
- } else
- if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_CHAINABLE_COMPONENTS )) {
- char *config_attr_value;
- char *attr_val;
- int done=0;
-
- slapi_rwlock_wrlock(cb->config.rwl_config_lock);
-
- for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
- config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
- if (SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
- if (!done) {
+ slapi_rwlock_unlock(cb->config.rwl_config_lock);
+ } else {
+ if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_CHAINABLE_COMPONENTS )) {
+ char *config_attr_value;
+ char *attr_val;
+ int done=0;
+
+ slapi_rwlock_wrlock(cb->config.rwl_config_lock);
+
+ for (j = 0; mods[i]->mod_bvalues && mods[i]->mod_bvalues[j]; j++) {
+ config_attr_value = (char *) mods[i]->mod_bvalues[j]->bv_val;
+ if (SLAPI_IS_MOD_REPLACE(mods[i]->mod_op)) {
+ if (!done) {
+ charray_free(cb->config.chainable_components);
+ cb->config.chainable_components=NULL;
+ done=1;
+ }
+ charray_add(&cb->config.chainable_components,
+ slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
+ } else if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
+ charray_add(&cb->config.chainable_components,
+ slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
+ } else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
+ attr_val = slapi_dn_normalize(slapi_ch_strdup(config_attr_value));
+ charray_remove(cb->config.chainable_components, attr_val, 0 /* freeit */);
+ slapi_ch_free_string(&attr_val);
+ }
+ }
+ if (NULL == mods[i]->mod_bvalues) {
charray_free(cb->config.chainable_components);
cb->config.chainable_components=NULL;
- done=1;
}
- charray_add(&cb->config.chainable_components,
- slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
- } else if (SLAPI_IS_MOD_ADD(mods[i]->mod_op)) {
- charray_add(&cb->config.chainable_components,
- slapi_dn_normalize(slapi_ch_strdup(config_attr_value)));
- } else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
- attr_val = slapi_dn_normalize(slapi_ch_strdup(config_attr_value));
- charray_remove(cb->config.chainable_components, attr_val, 0 /* freeit */);
- slapi_ch_free_string(&attr_val);
+
+ slapi_rwlock_unlock(cb->config.rwl_config_lock);
}
}
- if (NULL == mods[i]->mod_bvalues) {
- charray_free(cb->config.chainable_components);
- cb->config.chainable_components=NULL;
- }
-
- slapi_rwlock_unlock(cb->config.rwl_config_lock);
+ }
}
}
*returncode=LDAP_SUCCESS;
+
return SLAPI_DSE_CALLBACK_OK;
}
diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c
index 86bb635..db0cf37 100644
--- a/ldap/servers/plugins/chainingdb/cb_instance.c
+++ b/ldap/servers/plugins/chainingdb/cb_instance.c
@@ -405,7 +405,7 @@ int cb_instance_modify_config_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor
} else
if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op)) {
charray_remove(inst->illegal_attributes,
- slapi_ch_strdup(config_attr_value),
+ config_attr_value,
0 /* freeit */);
}
}
diff --git a/ldap/servers/plugins/mep/mep.c b/ldap/servers/plugins/mep/mep.c
index f8e3c2b..d81ecf4 100644
--- a/ldap/servers/plugins/mep/mep.c
+++ b/ldap/servers/plugins/mep/mep.c
@@ -2637,6 +2637,7 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
/* Bail out if the plug-in close function was just called. */
if (!g_plugin_started) {
mep_config_unlock();
+ slapi_ch_free_string(&managed_dn);
slapi_pblock_destroy(mep_pb);
return 0;
}
diff --git a/ldap/servers/slapd/mapping_tree.c b/ldap/servers/slapd/mapping_tree.c
index 12d9205..2e8cbff 100644
--- a/ldap/servers/slapd/mapping_tree.c
+++ b/ldap/servers/slapd/mapping_tree.c
@@ -1284,11 +1284,15 @@ int mapping_tree_entry_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor
*returncode = LDAP_OPERATIONS_ERROR;
mtn_unlock();
slapi_sdn_free(&subtree);
+ slapi_ch_free_string(&plugin_fct);
+ slapi_ch_free_string(&plugin_lib);
return SLAPI_DSE_CALLBACK_ERROR;
}
mtn_unlock();
slapi_sdn_free(&subtree);
+ slapi_ch_free_string(&plugin_fct);
+ slapi_ch_free_string(&plugin_lib);
*returncode = LDAP_SUCCESS;
return SLAPI_DSE_CALLBACK_OK;
}
@@ -1301,18 +1305,18 @@ int mapping_tree_entry_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor
slapi_entry_attr_find(entryAfter,
"nsslapd-distribution-funct", &attr);
slapi_attr_first_value(attr, &val);
+ slapi_ch_free_string(&plugin_fct);
if (NULL == val) {
LDAPDebug(LDAP_DEBUG_ANY,
"Warning: The nsslapd-distribution-funct attribute"
" has no value for the mapping tree node %s\n",
slapi_entry_get_dn(entryAfter), 0, 0);
- plugin_fct = NULL;
}
plugin_fct = slapi_ch_strdup(slapi_value_get_string(val));
}
else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op))
{
- plugin_fct = NULL;
+ slapi_ch_free_string(&plugin_fct);
}
plugin_flag = 1;
}
@@ -1325,21 +1329,20 @@ int mapping_tree_entry_modify_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor
slapi_entry_attr_find(entryAfter,
"nsslapd-distribution-plugin", &attr);
slapi_attr_first_value(attr, &val);
+ slapi_ch_free_string(&plugin_lib);
if (NULL == val) {
LDAPDebug(LDAP_DEBUG_ANY,
"Warning: The nsslapd-distribution-plugin attribute"
" has no value for the mapping tree node %s\n",
slapi_entry_get_dn(entryAfter), 0, 0);
- plugin_lib = NULL;
}
plugin_lib = slapi_ch_strdup(slapi_value_get_string(val));
}
else if (SLAPI_IS_MOD_DELETE(mods[i]->mod_op))
{
- plugin_lib = NULL;
+ slapi_ch_free_string(&plugin_lib);
}
plugin_flag = 1;
-
}
}
diff --git a/lib/ldaputil/certmap.c b/lib/ldaputil/certmap.c
index 0935e4d..e656e20 100644
--- a/lib/ldaputil/certmap.c
+++ b/lib/ldaputil/certmap.c
@@ -737,7 +737,9 @@ static int ldapu_cert_searchfn_default (void *cert, LDAP *ld,
rv = ldapu_get_cert_subject_dn(cert, &subjectDN);
- if (rv != LDAPU_SUCCESS || !subjectDN || !*subjectDN) return rv;
+ if (rv != LDAPU_SUCCESS || !subjectDN){
+ return rv;
+ }
len = strlen(certmap_info->searchAttr) + strlen(subjectDN) +
strlen("=") + 1;
certFilter = (char *)ldapu_malloc(len * sizeof(char));
--
1.8.1.4