From: Pierangelo Masarati Date: Sun, 29 Aug 2010 00:35:49 +0000 (+0000) Subject: fix potential leak introduced by fix to ITS#6574 X-Git-Tag: MIGRATION_CVS2GIT~513 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=15d737badbe2b1eea924434f26bbbc9413c3d9c2;p=openldap fix potential leak introduced by fix to ITS#6574 --- diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c index 8b7b7d4b62..221a4f963b 100644 --- a/servers/slapd/back-meta/bind.c +++ b/servers/slapd/back-meta/bind.c @@ -627,14 +627,17 @@ meta_back_single_dobind( rs->sr_err = meta_back_bind_op_result( op, rs, mc, candidate, msgid, sendok ); /* if bind succeeded, but anonymous, clear msc_bound_ndn */ - if ( rs->sr_err == LDAP_SUCCESS ) { - if ( binddn[0] == '\0' && - !BER_BVISNULL( &msc->msc_bound_ndn ) && - !BER_BVISEMPTY( &msc->msc_bound_ndn ) ) - { + if ( rs->sr_err != LDAP_SUCCESS || binddn[0] == '\0' ) { + if ( !BER_BVISNULL( &msc->msc_bound_ndn ) ) { ber_memfree( msc->msc_bound_ndn.bv_val ); BER_BVZERO( &msc->msc_bound_ndn ); } + + if ( !BER_BVISNULL( &msc->msc_cred ) ) { + memset( msc->msc_cred.bv_val, 0, msc->msc_cred.bv_len ); + ber_memfree( msc->msc_cred.bv_val ); + BER_BVZERO( &msc->msc_cred ); + } } } diff --git a/servers/slapd/back-meta/conn.c b/servers/slapd/back-meta/conn.c index c8fe33ae1c..43511baf85 100644 --- a/servers/slapd/back-meta/conn.c +++ b/servers/slapd/back-meta/conn.c @@ -720,15 +720,17 @@ meta_back_retry( rc = meta_back_init_one_conn( op, rs, mc, candidate, LDAP_BACK_CONN_ISPRIV( mc ), sendok, 0 ); - /* restore credentials, if any; + /* restore credentials, if any and if needed; * meta_back_init_one_conn() restores msc_bound_ndn, if any; * if no msc_bound_ndn is restored, destroy credentials */ - if ( !BER_BVISNULL( &msc->msc_bound_ndn ) ) { + if ( !BER_BVISNULL( &msc->msc_bound_ndn ) + && BER_BVISNULL( &msc->msc_cred ) ) + { msc->msc_cred = save_cred; } else if ( !BER_BVISNULL( &save_cred ) ) { memset( save_cred.bv_val, 0, save_cred.bv_len ); - ber_memfree( save_cred.bv_val ); + ber_memfree_x( save_cred.bv_val, NULL ); } /* restore the "binding" flag, in case */