Fix double-free on ciphersuite parse failure

[openldap] / libraries / libldap / modify.c

diff --git a/libraries/libldap/modify.c b/libraries/libldap/modify.c
index bba2a25de754f0dbe0c40d859dd4383050450d1d..d598064dc63190f05ca5a34a9360279315a8957b 100644 (file)
--- a/libraries/libldap/modify.c
+++ b/libraries/libldap/modify.c
@@ -1,13 +1,19 @@
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-/*  Portions
- *  Copyright (c) 1990 Regents of the University of Michigan.
- *  All rights reserved.
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2014 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
  *
- *  modify.c
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* Portions Copyright (c) 1990 Regents of the University of Michigan.
+ * All rights reserved.
  */
 
 #include "portable.h"
@@ -20,6 +26,32 @@
 
 #include "ldap-int.h"
 
+/* A modify request/response looks like this:
+ *        ModifyRequest ::= [APPLICATION 6] SEQUENCE {              
+ *             object          LDAPDN,
+ *             changes         SEQUENCE OF change SEQUENCE {
+ *                  operation       ENUMERATED {      
+ *                       add     (0),                
+ *                       delete  (1),                 
+ *                       replace (2),
+ *                       ...  },
+ *                  modification    PartialAttribute } }                  
+ *
+ *        PartialAttribute ::= SEQUENCE {
+ *             type       AttributeDescription,
+ *             vals       SET OF value AttributeValue }
+ *
+ *        AttributeDescription ::= LDAPString           
+ *              -- Constrained to <attributedescription> [RFC4512]
+ *                                      
+ *        AttributeValue ::= OCTET STRING
+ *             
+ *        ModifyResponse ::= [APPLICATION 7] LDAPResult
+ *
+ * (Source: RFC 4511)
+ */
+
+
 /*
  * ldap_modify_ext - initiate an ldap extended modify operation.
  *
@@ -37,7 +69,9 @@
  * Example:
  *     LDAPMod *mods[] = { 
  *                     { LDAP_MOD_ADD, "cn", { "babs jensen", "babs", 0 } },
- *                     { LDAP_MOD_REPLACE, "sn", { "jensen", 0 } },
+ *                     { LDAP_MOD_REPLACE, "sn", { "babs jensen", "babs", 0 } },
+ *                     { LDAP_MOD_DELETE, "ou", 0 },
+ *                     { LDAP_MOD_INCREMENT, "uidNumber, { "1", 0 } }
  *                     0
  *             }
  *     rc=  ldap_modify_ext( ld, dn, mods, sctrls, cctrls, &msgid );
@@ -52,30 +86,9 @@ ldap_modify_ext( LDAP *ld,
 {
        BerElement      *ber;
        int             i, rc;
+       ber_int_t       id;
 
-       /*
-        * A modify request looks like this:
-        *      ModifyRequet ::= SEQUENCE {
-        *              object          DistinguishedName,
-        *              modifications   SEQUENCE OF SEQUENCE {
-        *                      operation       ENUMERATED {
-        *                              add     (0),
-        *                              delete  (1),
-        *                              replace (2)
-        *                      },
-        *                      modification    SEQUENCE {
-        *                              type    AttributeType,
-        *                              values  SET OF AttributeValue
-        *                      }
-        *              }
-        *      }
-        */
-
-#ifdef NEW_LOGGING
-       LDAP_LOG ( OPERATION, ENTRY, "ldap_modify_ext\n", 0, 0, 0 );
-#else
        Debug( LDAP_DEBUG_TRACE, "ldap_modify_ext\n", 0, 0, 0 );
-#endif
 
        /* check client controls */
        rc = ldap_int_client_controls( ld, cctrls );
@@ -86,29 +99,33 @@ ldap_modify_ext( LDAP *ld,
                return( LDAP_NO_MEMORY );
        }
 
-       if ( ber_printf( ber, "{it{s{" /*}}}*/, ++ld->ld_msgid, LDAP_REQ_MODIFY, dn )
-           == -1 ) {
+       LDAP_NEXT_MSGID( ld, id );
+       rc = ber_printf( ber, "{it{s{" /*}}}*/, id, LDAP_REQ_MODIFY, dn );
+       if ( rc == -1 ) {
                ld->ld_errno = LDAP_ENCODING_ERROR;
                ber_free( ber, 1 );
                return( ld->ld_errno );
        }
 
-       /* for each modification to be performed... */
-       for ( i = 0; mods[i] != NULL; i++ ) {
-               if (( mods[i]->mod_op & LDAP_MOD_BVALUES) != 0 ) {
-                       rc = ber_printf( ber, "{e{s[V]N}N}",
-                           (ber_int_t) ( mods[i]->mod_op & ~LDAP_MOD_BVALUES ),
-                           mods[i]->mod_type, mods[i]->mod_bvalues );
-               } else {
-                       rc = ber_printf( ber, "{e{s[v]N}N}",
-                               (ber_int_t) mods[i]->mod_op,
-                           mods[i]->mod_type, mods[i]->mod_values );
-               }
-
-               if ( rc == -1 ) {
-                       ld->ld_errno = LDAP_ENCODING_ERROR;
-                       ber_free( ber, 1 );
-                       return( ld->ld_errno );
+       /* allow mods to be NULL ("touch") */
+       if ( mods ) {
+               /* for each modification to be performed... */
+               for ( i = 0; mods[i] != NULL; i++ ) {
+                       if (( mods[i]->mod_op & LDAP_MOD_BVALUES) != 0 ) {
+                               rc = ber_printf( ber, "{e{s[V]N}N}",
+                                   (ber_int_t) ( mods[i]->mod_op & ~LDAP_MOD_BVALUES ),
+                                   mods[i]->mod_type, mods[i]->mod_bvalues );
+                       } else {
+                               rc = ber_printf( ber, "{e{s[v]N}N}",
+                                       (ber_int_t) mods[i]->mod_op,
+                                   mods[i]->mod_type, mods[i]->mod_values );
+                       }
+
+                       if ( rc == -1 ) {
+                               ld->ld_errno = LDAP_ENCODING_ERROR;
+                               ber_free( ber, 1 );
+                               return( ld->ld_errno );
+                       }
                }
        }
 
@@ -131,7 +148,7 @@ ldap_modify_ext( LDAP *ld,
        }
 
        /* send the message */
-       *msgidp = ldap_send_initial_request( ld, LDAP_REQ_MODIFY, dn, ber );
+       *msgidp = ldap_send_initial_request( ld, LDAP_REQ_MODIFY, dn, ber, id );
        return( *msgidp < 0 ? ld->ld_errno : LDAP_SUCCESS );
 }
 
@@ -149,7 +166,9 @@ ldap_modify_ext( LDAP *ld,
  * Example:
  *     LDAPMod *mods[] = { 
  *                     { LDAP_MOD_ADD, "cn", { "babs jensen", "babs", 0 } },
- *                     { LDAP_MOD_REPLACE, "sn", { "jensen", 0 } },
+ *                     { LDAP_MOD_REPLACE, "sn", { "babs jensen", "babs", 0 } },
+ *                     { LDAP_MOD_DELETE, "ou", 0 },
+ *                     { LDAP_MOD_INCREMENT, "uidNumber, { "1", 0 } }
  *                     0
  *             }
  *     msgid = ldap_modify( ld, dn, mods );
@@ -159,11 +178,7 @@ ldap_modify( LDAP *ld, LDAP_CONST char *dn, LDAPMod **mods )
 {
        int rc, msgid;
 
-#ifdef NEW_LOGGING
-       LDAP_LOG ( OPERATION, ENTRY, "ldap_modify\n", 0, 0, 0 );
-#else
        Debug( LDAP_DEBUG_TRACE, "ldap_modify\n", 0, 0, 0 );
-#endif
 
        rc = ldap_modify_ext( ld, dn, mods, NULL, NULL, &msgid );
 
@@ -186,7 +201,7 @@ ldap_modify_ext_s( LDAP *ld, LDAP_CONST char *dn,
        if ( rc != LDAP_SUCCESS )
                return( rc );
 
-       if ( ldap_result( ld, msgid, 1, (struct timeval *) NULL, &res ) == -1 )
+       if ( ldap_result( ld, msgid, LDAP_MSG_ALL, (struct timeval *) NULL, &res ) == -1 || !res )
                return( ld->ld_errno );
 
        return( ldap_result2error( ld, res, 1 ) );