ITS#2040 - in bdb_idl_fetch_key() use a large enough buffer to get the

entire IDL at once, to avoid triggering BDB resource leaks.

diff --git a/servers/slapd/back-bdb/idl.c b/servers/slapd/back-bdb/idl.c
index 99f6963a054f06dc4f3e0d867d607de5113ff769..df4ec8f5f06296a869af92815bf7325d4b0e55cc 100644 (file)
--- a/servers/slapd/back-bdb/idl.c
+++ b/servers/slapd/back-bdb/idl.c
@@ -248,7 +248,13 @@ bdb_idl_fetch_key(
 #ifdef BDB_IDL_MULTI
        {
                DBC *cursor;
-               ID buf[BDB_PAGESIZE*4];
+               /* buf must be large enough to grab the entire IDL in one
+                * get(), otherwise BDB 4 will leak resources on subsequent
+                * get's. We can safely call get() twice - once for the data,
+                * and once to get the DB_NOTFOUND result meaning there's
+                * no more data. See ITS#2040 for details.
+                */
+               ID buf[BDB_IDL_DB_SIZE*5];
                ID *i;
                void *ptr;
                size_t len;
@@ -444,7 +450,7 @@ bdb_idl_insert_key(
                                        err = "c_count";
                                        goto fail;
                                }
-                               if ( count >= BDB_IDL_DB_SIZE ) {
+                               if ( count >= BDB_IDL_DB_MAX ) {
                                /* No room, convert to a range */
                                        DBT key2 = *key;
 

diff --git a/servers/slapd/back-bdb/idl.h b/servers/slapd/back-bdb/idl.h
index bf302679b4b06e22da915fdf8b9f90f92c5185a1..8e2fbca8c1f0a50b73ed2df1a9097567b50be9c3 100644 (file)
--- a/servers/slapd/back-bdb/idl.h
+++ b/servers/slapd/back-bdb/idl.h
@@ -1,4 +1,4 @@
-/* back-bdb.h - ldap ldbm back-end header file */
+/* back-bdb.h - ldap bdb back-end header file */
 /* $OpenLDAP$ */
 /*
  * Copyright 2000-2002 The OpenLDAP Foundation, All Rights Reserved.
@@ -8,28 +8,16 @@
 #ifndef _BDB_IDL_H_
 #define _BDB_IDL_H_
 
-#include <portable.h>
-
-#include "slap.h"
-
 /* IDL sizes - likely should be even bigger
  *   limiting factors: sizeof(ID), thread stack size
- *
- * Note: the -2 stuff is intended to reduce the size
- * just enough to avoiding internal (to malloc) allocation
- * of overly large blocks to provide the requested size. 
- * The stuff needs to be thought out better, doesn't deal
- * well with mixed stack/malloc allocation of IDLs.
  */
-#define BDB_IDL_DB_SIZE                ((1<<16)-2) /* 32K IDL on disk */
-#define BDB_IDL_UM_SIZE                ((1<<17)-2) /* 64K IDL in memory */
+#define BDB_IDL_DB_SIZE                (1<<16) /* 64K IDL on disk */
+#define BDB_IDL_UM_SIZE                (1<<17) /* 128K IDL in memory */
 #define BDB_IDL_UM_SIZEOF      (BDB_IDL_UM_SIZE * sizeof(ID))
 
-#define BDB_IDL_DB_MAX         (BDB_IDL_DB_SIZE-2)
-/* #define BDB_IDL_DB_ALLOC    (BDB_IDL_DB_SIZE * sizeof(ID)) */
+#define BDB_IDL_DB_MAX         (BDB_IDL_DB_SIZE-1)
 
-#define BDB_IDL_UM_MAX                 (BDB_IDL_UM_SIZE-2)
-/* #define BDB_IDL_UM_ALLOC    (BDB_IDL_UM_SIZE * sizeof(ID)) */
+#define BDB_IDL_UM_MAX         (BDB_IDL_UM_SIZE-1)
 
 #define BDB_IDL_IS_RANGE(ids)  ((ids)[0] == NOID)
 #define BDB_IDL_RANGE_SIZE             (3)