From: Pierangelo Masarati <ando@openldap.org>
Date: Tue, 11 Jan 2005 00:37:22 +0000 (+0000)
Subject: don't malloc if proxyAuthz is the only control
X-Git-Tag: OPENLDAP_REL_ENG_2_3_BP~434
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=83d1e22b8c43d18412a4b12b2b5ae0c6220cc537;p=openldap

don't malloc if proxyAuthz is the only control
---

diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
index a580c52ff4..0f427b5d27 100644
--- a/servers/slapd/back-ldap/chain.c
+++ b/servers/slapd/back-ldap/chain.c
@@ -92,7 +92,7 @@ ldap_chain_response( Operation *op, SlapReply *rs )
 	void		*private = op->o_bd->be_private;
 	slap_callback	*sc = op->o_callback;
 	LDAPControl	**prev = op->o_ctrls;
-	LDAPControl	**ctrls = NULL, authz;
+	LDAPControl	**ctrls = NULL, *c[ 2 ], authz;
 	int		i, nctrls, rc = 0;
 	int		cache = op->o_do_not_cache;
 	char		*authzid = NULL;
@@ -130,7 +130,7 @@ ldap_chain_response( Operation *op, SlapReply *rs )
 			/* parse reference and use 
 			 * proto://[host][:port]/ only */
 			rc = ldap_url_parse_ext( ref[0].bv_val, &srv );
-			if ( rc != LDAP_URL_SUCCESS) {
+			if ( rc != LDAP_URL_SUCCESS ) {
 				/* error */
 				return 1;
 			}
@@ -160,20 +160,21 @@ ldap_chain_response( Operation *op, SlapReply *rs )
 	 * Binds are done separately, on an anonymous session.
 	 */
 	if ( op->o_tag != LDAP_REQ_BIND ) {
-		for ( i = 0; prev && prev[i]; i++ )
-			/* count and set prev to the last one */ ;
-		nctrls = i;
+		if ( prev ) {
+			for ( i = 0; prev[i]; i++ )
+				/* count and set prev to the last one */ ;
+			nctrls = i;
+
+			ctrls = op->o_tmpalloc((i + 1)*sizeof(LDAPControl *),
+				op->o_tmpmemctx);
+			for ( i = 0; i < nctrls; i++ ) {
+				ctrls[i] = prev[i];
+			}
 
-		/* Add an extra NULL slot */
-		if ( !prev ) {
-			i++;
+		} else {
+			ctrls = c;
 		}
 
-		ctrls = op->o_tmpalloc((i + 1)*sizeof(LDAPControl *),
-			op->o_tmpmemctx);
-		for ( i = 0; i < nctrls; i++ ) {
-			ctrls[i] = prev[i];
-		}
 		ctrls[nctrls] = &authz;
 		ctrls[nctrls + 1] = NULL;
 		authz.ldctl_oid = LDAP_CONTROL_PROXY_AUTHZ;
@@ -369,7 +370,7 @@ end_of_searchref:;
 	op->o_bd->be_private = private;
 	op->o_callback = sc;
 	op->o_ndn = ndn;
-	if ( ctrls ) {
+	if ( ctrls && ctrls != c ) {
 		op->o_tmpfree( ctrls, op->o_tmpmemctx );
 	}
 	if ( authzid ) {