plug potential ld_error leak (ITS#4064)

author Pierangelo Masarati <ando@openldap.org>

Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)

committer Pierangelo Masarati <ando@openldap.org>

Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)
author Pierangelo Masarati <ando@openldap.org>
Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)
committer Pierangelo Masarati <ando@openldap.org>
Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)
diff --git a/CHANGES b/CHANGES

index c2c244ecb91e794e630e98d4e060b723a2c9e3cd..d8dbb45f6068f9099100ae3f4b756128a4c80715 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,7 +8,7 @@ OpenLDAP 2.2.29 Engineering
         Fixed back-hdb slapcat EntryInfo cache growth (ITS#4010)
         Fixed back-sql missing space in delete statement (ITS#4061)
         Fixed liblber sb_dgram_read length (ITS#4046)
-       Fixed libldap memory leaks (ITS#4048, 4052, 4053)
+       Fixed libldap memory leaks (ITS#4048, 4052, 4053, 4064)
  
  OpenLDAP 2.2.28 Release
         Fixed slapd ACL logging
diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c

index bbc4dfd0762a030813e032618d63af445f4f0582..503df4308dbb54b882df204c447550736bbda709 100644 (file)
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -698,6 +698,9 @@ ldap_int_sasl_bind(
         if ( (saslrc != SASL_OK) && (saslrc != SASL_CONTINUE) ) {
                 rc = ld->ld_errno = sasl_err2ldap( saslrc );
  #if SASL_VERSION_MAJOR >= 2
+               if (ld->ld_error ) {
+                       LDAP_FREE( ld->ld_error );
+               }
                 ld->ld_error = LDAP_STRDUP( sasl_errdetail( ctx ) );
  #endif
                 goto done;
@@ -790,6 +793,9 @@ ldap_int_sasl_bind(
                 if ( (saslrc != SASL_OK) && (saslrc != SASL_CONTINUE) ) {
                         ld->ld_errno = sasl_err2ldap( saslrc );
  #if SASL_VERSION_MAJOR >= 2
+                       if (ld->ld_error ) {
+                               LDAP_FREE( ld->ld_error );
+                       }
                         ld->ld_error = LDAP_STRDUP( sasl_errdetail( ctx ) );
  #endif
                         rc = ld->ld_errno;
@@ -801,6 +807,9 @@ ldap_int_sasl_bind(
  
         if ( saslrc != SASL_OK ) {
  #if SASL_VERSION_MAJOR >= 2
+               if (ld->ld_error ) {
+                       LDAP_FREE( ld->ld_error );
+               }
                 ld->ld_error = LDAP_STRDUP( sasl_errdetail( ctx ) );
  #endif
                 rc = ld->ld_errno = sasl_err2ldap( saslrc );
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c

index 7ce53b68e7bb13d80fd23f64ff0f848eb9b84ed4..6c49b2a790b66ab742a0c7da4d4863f1d48137b3 100644 (file)
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -781,6 +781,10 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
  
                 if ((err = ERR_peek_error())) {
                         char buf[256];
+
+                       if (ld->ld_error ) {
+                               LDAP_FREE( ld->ld_error );
+                       }
                         ld->ld_error = LDAP_STRDUP(ERR_error_string(err, buf));
  #ifdef HAVE_EBCDIC
                         if ( ld->ld_error ) __etoa(ld->ld_error);
@@ -1068,7 +1072,10 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in )
                                 "TLS: unable to get common name from peer certificate.\n",
                                 0, 0, 0 );
  #endif
-                       ret = LDAP_CONNECT_ERROR;
+                       ret = LDAP_CONNECT_ERROR;
+                       if (ld->ld_error ) {
+                               LDAP_FREE( ld->ld_error );
+                       }
                         ld->ld_error = LDAP_STRDUP(
                                 _("TLS: unable to get CN from peer certificate"));
  
@@ -1094,17 +1101,20 @@ ldap_pvt_tls_check_hostname( LDAP *ld, void *s, const char *name_in )
  
                 if( ret == LDAP_LOCAL_ERROR ) {
  #ifdef NEW_LOGGING
-                        LDAP_LOG ( TRANSPORT, ERR, "ldap_pvt_tls_check_hostname: "
-                        "TLS hostname (%s) does not match "
-                                "common name in certificate (%s).\n", name, buf, 0 );
+                       LDAP_LOG ( TRANSPORT, ERR, "ldap_pvt_tls_check_hostname: "
+                               "TLS hostname (%s) does not match "
+                               "common name in certificate (%s).\n", name, buf, 0 );
  #else
-                        Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
-                                "common name in certificate (%s).\n", 
-                                name, buf, 0 );
+                       Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+                               "common name in certificate (%s).\n", 
+                               name, buf, 0 );
  #endif
-                        ret = LDAP_CONNECT_ERROR;
-                        ld->ld_error = LDAP_STRDUP(
-                                _("TLS: hostname does not match CN in peer certificate"));
+                       ret = LDAP_CONNECT_ERROR;
+                       if (ld->ld_error ) {
+                               LDAP_FREE( ld->ld_error );
+                       }
+                       ld->ld_error = LDAP_STRDUP(
+                               _("TLS: hostname does not match CN in peer certificate"));
                 }
         }
         X509_free(x);
author	Pierangelo Masarati <ando@openldap.org>
	Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)
committer	Pierangelo Masarati <ando@openldap.org>
	Tue, 4 Oct 2005 21:34:30 +0000 (21:34 +0000)
CHANGES		patch \| blob \| history
libraries/libldap/cyrus.c		patch \| blob \| history
libraries/libldap/tls.c		patch \| blob \| history