Tree - rpms/389-ds-base - CentOS Git server

rpms / 389-ds-base

Blame SOURCES/0019-Ticket-50709-Several-memory-leaks-reported-by-Valgri.patch

Blob History Raw

		e52775	`From ceef0b6ae9edbb60bc6324c3dc045f3a4e5fd725 Mon Sep 17 00:00:00 2001`
		e52775	`From: Thierry Bordaz <tbordaz@redhat.com>`
		e52775	`Date: Fri, 8 Nov 2019 18:16:06 +0100`
		e52775	`Subject: [PATCH] Ticket 50709: Several memory leaks reported by Valgrind for`
		e52775	`389-ds 1.3.9.1-10`
		e52775
		e52775	`Description of the problem:`
		e52775
		e52775	`When evaluating an ACI with 'ip' subject, it adds a PRNetAddr to the subject`
		e52775	`property list. When the list is free (acl__done_aclpb) the property is not freed.`
		e52775
		e52775	`Description of the fix:`
		e52775
		e52775	`Add the property to the pblock (SLAPI_CONN_CLIENTNETADDR_ACLIP) so that it`
		e52775	`the property is freed with acl pblock.`
		e52775
		e52775	`https://pagure.io/389-ds-base/issue/50709`
		e52775
		e52775	`Reviewed by: Mark Reynolds, William Brown, Ludwig Krispenz`
		e52775	`---`
		e52775	`ldap/servers/plugins/acl/acllas.c \| 54 ++++++++++++++++++++-----------`
		e52775	`ldap/servers/slapd/connection.c \| 2 ++`
		e52775	`ldap/servers/slapd/pblock.c \| 16 +++++++++`
		e52775	`ldap/servers/slapd/slap.h \| 1 +`
		e52775	`ldap/servers/slapd/slapi-plugin.h \| 1 +`
		e52775	`5 files changed, 56 insertions(+), 18 deletions(-)`
		e52775
		e52775	`diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c`
		e52775	`index 3950fd405..a5602e198 100644`
		e52775	`--- a/ldap/servers/plugins/acl/acllas.c`
		e52775	`+++ b/ldap/servers/plugins/acl/acllas.c`
		e52775	`@@ -251,6 +251,7 @@ DS_LASIpGetter(NSErr_t *errp, PList_t subject, PList_t resource, PList_t auth_in`
		e52775	`{`
		e52775	`struct acl_pblock *aclpb = NULL;`
		e52775	`PRNetAddr *client_praddr = NULL;`
		e52775	`+ PRNetAddr *pb_client_praddr = NULL;`
		e52775	`char ip_str[256];`
		e52775	`int rv = LAS_EVAL_TRUE;`
		e52775
		e52775	`@@ -262,25 +263,39 @@ DS_LASIpGetter(NSErr_t *errp, PList_t subject, PList_t resource, PList_t auth_in`
		e52775	`return LAS_EVAL_FAIL;`
		e52775	`}`
		e52775
		e52775	`- client_praddr = (PRNetAddr *)slapi_ch_malloc(sizeof(PRNetAddr));`
		e52775	`- if (client_praddr == NULL) {`
		e52775	`- slapi_log_err(SLAPI_LOG_ERR, plugin_name, "DS_LASIpGetter - Failed to allocate client_praddr\n");`
		e52775	`- return (LAS_EVAL_FAIL);`
		e52775	`- }`
		e52775	`+ slapi_pblock_get(aclpb->aclpb_pblock, SLAPI_CONN_CLIENTNETADDR_ACLIP, &pb_client_praddr);`
		e52775	`+ if (pb_client_praddr == NULL) {`
		e52775
		e52775	`- if (slapi_pblock_get(aclpb->aclpb_pblock, SLAPI_CONN_CLIENTNETADDR, client_praddr) != 0) {`
		e52775	`- slapi_log_err(SLAPI_LOG_ERR, plugin_name, "DS_LASIpGetter - Could not get client IP.\n");`
		e52775	`- slapi_ch_free((void **)&client_praddr);`
		e52775	`- return (LAS_EVAL_FAIL);`
		e52775	`- }`
		e52775	`+ client_praddr = (PRNetAddr *) slapi_ch_malloc(sizeof (PRNetAddr));`
		e52775	`+ if (client_praddr == NULL) {`
		e52775	`+ slapi_log_err(SLAPI_LOG_ERR, plugin_name, "DS_LASIpGetter - Failed to allocate client_praddr\n");`
		e52775	`+ return (LAS_EVAL_FAIL);`
		e52775	`+ }`
		e52775
		e52775	`- rv = PListInitProp(subject, 0, ACL_ATTR_IP, (void *)client_praddr, NULL);`
		e52775	`- if (rv < 0) {`
		e52775	`- slapi_log_err(SLAPI_LOG_ACL, plugin_name, "DS_LASIpGetter - "`
		e52775	`- "Couldn't set the client addr property(%d)\n",`
		e52775	`- rv);`
		e52775	`- slapi_ch_free((void **)&client_praddr);`
		e52775	`- return LAS_EVAL_FAIL;`
		e52775	`+ if (slapi_pblock_get(aclpb->aclpb_pblock, SLAPI_CONN_CLIENTNETADDR, client_praddr) != 0) {`
		e52775	`+ slapi_log_err(SLAPI_LOG_ERR, plugin_name, "DS_LASIpGetter - Could not get client IP.\n");`
		e52775	`+ slapi_ch_free((void **) &client_praddr);`
		e52775	`+ return (LAS_EVAL_FAIL);`
		e52775	`+ }`
		e52775	`+`
		e52775	`+ rv = PListInitProp(subject, 0, ACL_ATTR_IP, (void *) client_praddr, NULL);`
		e52775	`+ if (rv < 0) {`
		e52775	`+ slapi_log_err(SLAPI_LOG_ACL, plugin_name, "DS_LASIpGetter - "`
		e52775	`+ "Couldn't set the client addr property(%d)\n",`
		e52775	`+ rv);`
		e52775	`+ slapi_ch_free((void **) &client_praddr);`
		e52775	`+ return LAS_EVAL_FAIL;`
		e52775	`+ }`
		e52775	`+`
		e52775	`+ } else {`
		e52775	`+ client_praddr = pb_client_praddr;`
		e52775	`+ rv = PListInitProp(subject, 0, ACL_ATTR_IP, (void *) client_praddr, NULL);`
		e52775	`+ if (rv < 0) {`
		e52775	`+ slapi_log_err(SLAPI_LOG_ACL, plugin_name, "DS_LASIpGetter - "`
		e52775	`+ "Couldn't set the client addr property(%d)\n",`
		e52775	`+ rv);`
		e52775	`+ return LAS_EVAL_FAIL;`
		e52775	`+ }`
		e52775	`}`
		e52775	`if (PR_NetAddrToString(client_praddr, ip_str, sizeof(ip_str)) == PR_SUCCESS) {`
		e52775	`slapi_log_err(SLAPI_LOG_ACL, plugin_name, "DS_LASIpGetter - "`
		e52775	`@@ -290,7 +305,10 @@ DS_LASIpGetter(NSErr_t *errp, PList_t subject, PList_t resource, PList_t auth_in`
		e52775	`slapi_log_err(SLAPI_LOG_ACL, plugin_name, "DS_LASIpGetter - "`
		e52775	`"Returning client ip address 'unknown'\n");`
		e52775	`}`
		e52775	`-`
		e52775	`+ if (client_praddr != pb_client_praddr) {`
		e52775	`+ /* Set it in pblock only if it is newly allocated */`
		e52775	`+ slapi_pblock_set(aclpb->aclpb_pblock, SLAPI_CONN_CLIENTNETADDR_ACLIP, client_praddr);`
		e52775	`+ }`
		e52775	`return LAS_EVAL_TRUE;`
		e52775	`}`
		e52775
		e52775	`diff --git a/ldap/servers/slapd/connection.c b/ldap/servers/slapd/connection.c`
		e52775	`index 9abd546f9..b9b280e6d 100644`
		e52775	`--- a/ldap/servers/slapd/connection.c`
		e52775	`+++ b/ldap/servers/slapd/connection.c`
		e52775	`@@ -205,6 +205,7 @@ connection_cleanup(Connection *conn)`
		e52775	`conn->c_isreplication_session = 0;`
		e52775	`slapi_ch_free((void **)&conn->cin_addr);`
		e52775	`slapi_ch_free((void **)&conn->cin_destaddr);`
		e52775	`+ slapi_ch_free((void **)&conn->cin_addr_aclip);`
		e52775	`slapi_ch_free_string(&conn->c_ipaddr);`
		e52775	`if (conn->c_domain != NULL) {`
		e52775	`ber_bvecfree(conn->c_domain);`
		e52775	`@@ -397,6 +398,7 @@ connection_reset(Connection conn, int ns, PRNetAddr from, int fromLen __attrib`
		e52775	`str_destip = str_unknown;`
		e52775	`}`
		e52775	`}`
		e52775	`+ slapi_ch_free((void **)&conn->cin_addr_aclip);`
		e52775
		e52775
		e52775	`if (!in_referral_mode) {`
		e52775	`diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c`
		e52775	`index bc18a7b18..d2ad6147a 100644`
		e52775	`--- a/ldap/servers/slapd/pblock.c`
		e52775	`+++ b/ldap/servers/slapd/pblock.c`
		e52775	`@@ -482,6 +482,14 @@ slapi_pblock_get(Slapi_PBlock pblock, int arg, void value)`
		e52775	`}`
		e52775	`PR_ExitMonitor(pblock->pb_conn->c_mutex);`
		e52775	`break;`
		e52775	`+ case SLAPI_CONN_CLIENTNETADDR_ACLIP:`
		e52775	`+ if (pblock->pb_conn == NULL) {`
		e52775	`+ break;`
		e52775	`+ }`
		e52775	`+ pthread_mutex_lock(&(pblock->pb_conn->c_mutex));`
		e52775	`+ ((PRNetAddr *) value) = pblock->pb_conn->cin_addr_aclip;`
		e52775	`+ pthread_mutex_unlock(&(pblock->pb_conn->c_mutex));`
		e52775	`+ break;`
		e52775	`case SLAPI_CONN_SERVERNETADDR:`
		e52775	`if (pblock->pb_conn == NULL) {`
		e52775	`memset(value, 0, sizeof(PRNetAddr));`
		e52775	`@@ -2571,6 +2579,14 @@ slapi_pblock_set(Slapi_PBlock pblock, int arg, void value)`
		e52775	`pblock->pb_conn->c_authtype = slapi_ch_strdup((char *)value);`
		e52775	`PR_ExitMonitor(pblock->pb_conn->c_mutex);`
		e52775	`break;`
		e52775	`+ case SLAPI_CONN_CLIENTNETADDR_ACLIP:`
		e52775	`+ if (pblock->pb_conn == NULL) {`
		e52775	`+ break;`
		e52775	`+ }`
		e52775	`+ pthread_mutex_lock(&(pblock->pb_conn->c_mutex));`
		e52775	`+ slapi_ch_free((void **)&pblock->pb_conn->cin_addr_aclip);`
		e52775	`+ pblock->pb_conn->cin_addr_aclip = (PRNetAddr *)value;`
		e52775	`+ pthread_mutex_unlock(&(pblock->pb_conn->c_mutex));`
		e52775	`case SLAPI_CONN_IS_REPLICATION_SESSION:`
		e52775	`if (pblock->pb_conn == NULL) {`
		e52775	`slapi_log_err(SLAPI_LOG_ERR,`
		e52775	`diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h`
		e52775	`index a8908d94c..4c53d43dc 100644`
		e52775	`--- a/ldap/servers/slapd/slap.h`
		e52775	`+++ b/ldap/servers/slapd/slap.h`
		e52775	`@@ -1617,6 +1617,7 @@ typedef struct conn`
		e52775	`char c_external_dn; / client DN of this SSL session */`
		e52775	`char c_external_authtype; / used for c_external_dn */`
		e52775	`PRNetAddr cin_addr; / address of client on this conn */`
		e52775	`+ PRNetAddr cin_addr_aclip; / address of client allocated by acl with 'ip' subject */`
		e52775	`PRNetAddr cin_destaddr; / address client connected to */`
		e52775	`struct berval *c_domain; / DNS names of client */`
		e52775	`Operation c_ops; / list of pending operations */`
		e52775	`diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h`
		e52775	`index 0bc3a6fab..679bdbb5c 100644`
		e52775	`--- a/ldap/servers/slapd/slapi-plugin.h`
		e52775	`+++ b/ldap/servers/slapd/slapi-plugin.h`
		e52775	`@@ -6971,6 +6971,7 @@ slapi_timer_result slapi_timespec_expire_check(struct timespec *expire);`
		e52775	`#define SLAPI_CONN_DN 143`
		e52775	`#define SLAPI_CONN_CLIENTNETADDR 850`
		e52775	`#define SLAPI_CONN_SERVERNETADDR 851`
		e52775	`+#define SLAPI_CONN_CLIENTNETADDR_ACLIP 853`
		e52775	`#define SLAPI_CONN_IS_REPLICATION_SESSION 149`
		e52775	`#define SLAPI_CONN_IS_SSL_SESSION 747`
		e52775	`#define SLAPI_CONN_CERT 743`
		e52775	`--`
		e52775	`2.24.1`
		e52775

rpms / 389-ds-base

Source Code

Blame SOURCES/0019-Ticket-50709-Several-memory-leaks-reported-by-Valgri.patch