fix dangling pointer issue; cleanup as early as possible

author Pierangelo Masarati <ando@openldap.org>

Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)
author Pierangelo Masarati <ando@openldap.org>
Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)
diff --git a/servers/slapd/overlays/deref.c b/servers/slapd/overlays/deref.c

index 8c42170299fe5adeeef3a7d7ddb9c21a8235b81b..c3d4e7d8ed7f06eb559c43b451e3bbe7346ecf41 100644 (file)
--- a/servers/slapd/overlays/deref.c
+++ b/servers/slapd/overlays/deref.c
@@ -192,7 +192,7 @@ deref_parseCtrl (
                 ds = (DerefSpec *)op->o_tmpcalloc( 1,
                         sizeof(DerefSpec) + sizeof(AttributeDescription *)*(cnt + 1),
                         op->o_tmpmemctx );
-               ds->ds_attributes = (AttributeDescription **)&ds[1];
+               ds->ds_attributes = (AttributeDescription **)&ds[ 1 ];
                 ds->ds_nattrs = cnt;
  
                 rc = slap_bv2ad( &derefAttr, &ds->ds_derefAttr, &text );
@@ -262,6 +262,20 @@ justcleanup:;
         return rs->sr_err;
  }
  
+static int
+deref_cleanup( Operation *op, SlapReply *rs )
+{
+       if ( rs->sr_type == REP_RESULT || rs->sr_err == SLAPD_ABANDON ) {
+               op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
+               op->o_callback = NULL;
+
+               op->o_tmpfree( op->o_ctrlderef, op->o_tmpmemctx );
+               op->o_ctrlderef = NULL;
+       }
+
+       return SLAP_CB_CONTINUE;
+}
+
  static int
  deref_response( Operation *op, SlapReply *rs )
  {
@@ -273,7 +287,6 @@ deref_response( Operation *op, SlapReply *rs )
                 deref_cb_t *dc = (deref_cb_t *)op->o_callback->sc_private;
                 DerefSpec *ds;
                 DerefRes *dr, *drhead = NULL, **drp = &drhead;
-               BackendInfo *bi = op->o_bd->bd_info;
                 struct berval bv = BER_BVNULL;
                 int nDerefRes = 0, nDerefVals = 0, nAttrs = 0, nVals = 0;
                 struct berval ctrlval;
@@ -283,10 +296,8 @@ deref_response( Operation *op, SlapReply *rs )
                 Entry *ebase;
                 int i;
  
-               op->o_bd->bd_info = (BackendInfo *)dc->dc_on->on_info;
                 rc = overlay_entry_get_ov( op, &rs->sr_entry->e_nname, NULL, NULL, 0, &ebase, dc->dc_on );
                 if ( rc != LDAP_SUCCESS || ebase == NULL ) {
-                       op->o_bd->bd_info = bi;
                         return SLAP_CB_CONTINUE;
                 }
  
@@ -328,8 +339,8 @@ deref_response( Operation *op, SlapReply *rs )
                                                 continue;
                                         }
  
-                                       dv[i].dv_derefSpecVal = a->a_vals[ i ];
-                                       bv.bv_len += dv[i].dv_derefSpecVal.bv_len;
+                                       ber_dupbv_x( &dv[ i ].dv_derefSpecVal, &a->a_vals[ i ], op->o_tmpmemctx );
+                                       bv.bv_len += dv[ i ].dv_derefSpecVal.bv_len;
                                         nVals++;
                                         nDerefVals++;
  
@@ -388,7 +399,6 @@ deref_response( Operation *op, SlapReply *rs )
                         }
                 }
                 overlay_entry_release_ov( op, ebase, 0, dc->dc_on );
-               op->o_bd->bd_info = bi;
  
                 if ( drhead == NULL ) {
                         return SLAP_CB_CONTINUE;
@@ -416,6 +426,7 @@ deref_response( Operation *op, SlapReply *rs )
                                 rc = ber_printf( ber, "{OO" /*}*/,
                                         &dr->dr_spec.ds_derefAttr->ad_cname,
                                         &dr->dr_vals[ i ].dv_derefSpecVal );
+                               op->o_tmpfree( dr->dr_vals[ i ].dv_derefSpecVal.bv_val, op->o_tmpmemctx );
                                 for ( j = 0; j < dr->dr_spec.ds_nattrs; j++ ) {
                                         if ( dr->dr_vals[ i ].dv_attrVals[ j ] != NULL ) {
                                                 if ( first ) {
@@ -490,23 +501,12 @@ cleanup:;
                         op->o_tmpfree( drhead, op->o_tmpmemctx );
                         drhead = drnext;
                 }
-       }
  
-       return rc;
-}
-
-static int
-deref_cleanup( Operation *op, SlapReply *rs )
-{
-       if ( rs->sr_type == REP_RESULT || rs->sr_err == SLAPD_ABANDON ) {
-               op->o_tmpfree( op->o_callback, op->o_tmpmemctx );
-               op->o_callback = NULL;
-
-               op->o_tmpfree( op->o_ctrlderef, op->o_tmpmemctx );
-               op->o_ctrlderef = NULL;
+       } else if ( rs->sr_type == REP_RESULT ) {
+               rc = deref_cleanup( op, rs );
         }
  
-       return SLAP_CB_CONTINUE;
+       return rc;
  }
  
  static int
@@ -544,7 +544,7 @@ deref_initialize(void)
         if ( rc != LDAP_SUCCESS ) {
                 Debug( LDAP_DEBUG_ANY,
                         "deref_init: Failed to register control (%d)\n",
-               rc, 0, 0 );
+                       rc, 0, 0 );
                 return -1;
         }
author	Pierangelo Masarati <ando@openldap.org>
	Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Sun, 26 Oct 2008 19:24:10 +0000 (19:24 +0000)