From: Howard Chu Date: Sun, 13 Jun 2010 18:47:21 +0000 (+0000) Subject: ITS#6572 zero out freed DN vals. from mbackes@symas.com X-Git-Tag: MIGRATION_CVS2GIT~579 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=28072167c7fbc6ebf634e10a4a4a91fd4ccae5b5;p=openldap ITS#6572 zero out freed DN vals. from mbackes@symas.com --- diff --git a/servers/slapd/overlays/refint.c b/servers/slapd/overlays/refint.c index 9085c44344..55fcb6b5bd 100644 --- a/servers/slapd/overlays/refint.c +++ b/servers/slapd/overlays/refint.c @@ -76,7 +76,6 @@ typedef struct refint_q { } refint_q; typedef struct refint_data_s { - const char *message; /* breadcrumbs */ struct refint_attrs_s *attrs; /* list of known attrs */ BerValue dn; /* basedn in parent, */ BerValue nothing; /* the nothing value, if needed */ @@ -210,21 +209,17 @@ refint_cf_gen(ConfigArgs *c) rc = 0; break; case REFINT_NOTHING: - if ( dd->nothing.bv_val ) - ber_memfree ( dd->nothing.bv_val ); - if ( dd->nnothing.bv_val ) - ber_memfree ( dd->nnothing.bv_val ); - dd->nothing.bv_len = 0; - dd->nnothing.bv_len = 0; + ch_free( dd->nothing.bv_val ); + ch_free( dd->nnothing.bv_val ); + BER_BVZERO( &dd->nothing ); + BER_BVZERO( &dd->nnothing ); rc = 0; break; case REFINT_MODIFIERSNAME: - if ( dd->refint_dn.bv_val ) - ber_memfree ( dd->refint_dn.bv_val ); - if ( dd->refint_ndn.bv_val ) - ber_memfree ( dd->refint_ndn.bv_val ); - dd->refint_dn.bv_len = 0; - dd->refint_ndn.bv_len = 0; + ch_free( dd->refint_dn.bv_val ); + ch_free( dd->refint_ndn.bv_val ); + BER_BVZERO( &dd->refint_dn ); + BER_BVZERO( &dd->refint_ndn ); rc = 0; break; default: @@ -256,22 +251,26 @@ refint_cf_gen(ConfigArgs *c) } break; case REFINT_NOTHING: - if ( dd->nothing.bv_val ) - ber_memfree ( dd->nothing.bv_val ); - if ( dd->nnothing.bv_val ) - ber_memfree ( dd->nnothing.bv_val ); - dd->nothing = c->value_dn; - dd->nnothing = c->value_ndn; - rc = 0; + if ( !BER_BVISNULL( &c->value_ndn )) { + ch_free ( dd->nothing.bv_val ); + ch_free ( dd->nnothing.bv_val ); + dd->nothing = c->value_dn; + dd->nnothing = c->value_ndn; + rc = 0; + } else { + rc = ARG_BAD_CONF; + } break; case REFINT_MODIFIERSNAME: - if ( dd->refint_dn.bv_val ) - ber_memfree ( dd->refint_dn.bv_val ); - if ( dd->refint_ndn.bv_val ) - ber_memfree ( dd->refint_ndn.bv_val ); - dd->refint_dn = c->value_dn; - dd->refint_ndn = c->value_ndn; - rc = 0; + if ( !BER_BVISNULL( &c->value_ndn )) { + ch_free( &dd->refint_dn.bv_val ); + ch_free( &dd->refint_ndn.bv_val ); + dd->refint_dn = c->value_dn; + dd->refint_ndn = c->value_ndn; + rc = 0; + } else { + rc = ARG_BAD_CONF; + } break; default: abort (); @@ -299,7 +298,6 @@ refint_db_init( slap_overinst *on = (slap_overinst *)be->bd_info; refint_data *id = ch_calloc(1,sizeof(refint_data)); - id->message = "_init"; on->on_bi.bi_private = id; ldap_pvt_thread_mutex_init( &id->qmutex ); return(0); @@ -335,7 +333,6 @@ refint_open( { slap_overinst *on = (slap_overinst *)be->bd_info; refint_data *id = on->on_bi.bi_private; - id->message = "_open"; if ( BER_BVISNULL( &id->dn )) { if ( BER_BVISNULL( &be->be_nsuffix[0] )) @@ -354,7 +351,6 @@ refint_open( ** foreach configured attribute: ** free it; ** free our basedn; -** (do not) free id->message; ** reset on_bi.bi_private; ** free our config data; ** @@ -369,7 +365,6 @@ refint_close( slap_overinst *on = (slap_overinst *) be->bd_info; refint_data *id = on->on_bi.bi_private; refint_attrs *ii, *ij; - id->message = "_close"; for(ii = id->attrs; ii; ii = ij) { ij = ii->next; @@ -870,8 +865,6 @@ refint_response( BackendDB *db = NULL; refint_attrs *ip; - id->message = "_refint_response"; - /* If the main op failed or is not a Delete or ModRdn, ignore it */ if (( op->o_tag != LDAP_REQ_DELETE && op->o_tag != LDAP_REQ_MODRDN ) || rs->sr_err != LDAP_SUCCESS )