This patch fixes several potential memory leaks in ipa-pwd-extop SLAPI plugin.
Common function ipapwd_gen_hashes() now cleans after itself when it fails. Other changes are local and self-explanatory. https://fedorahosted.org/freeipa/ticket/715
>From 36cd93947d619b7514ae80a82f7d154ecc8ad8ca Mon Sep 17 00:00:00 2001 From: Martin Kosek <[email protected]> Date: Thu, 13 Jan 2011 11:12:36 +0100 Subject: [PATCH] Potential memory leaks in ipa-pwd-extop This patch fixes several potential memory leaks in ipa-pwd-extop SLAPI plugin. Common function ipapwd_gen_hashes() now cleans after itself when it fails. Other changes are local and self-explanatory. https://fedorahosted.org/freeipa/ticket/715 --- .../ipa-pwd-extop/ipapwd_common.c | 11 +++++++++-- .../ipa-pwd-extop/ipapwd_encoding.c | 13 ++++++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_common.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_common.c index 2bc36c09e40c174e1a90ed3e6b2162cb8353cddb..3b5b3c8dcb30e82fa2717f8d61fa82cb662fb954 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_common.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_common.c @@ -74,12 +74,14 @@ static int new_ipapwd_encsalt(krb5_context krbctx, { struct ipapwd_encsalt *es; int nes, i; + int rc; for (i = 0; encsalts[i]; i++) /* count */ ; es = calloc(i + 1, sizeof(struct ipapwd_encsalt)); if (!es) { LOG_OOM(); - return LDAP_OPERATIONS_ERROR; + rc = LDAP_OPERATIONS_ERROR; + goto fail; } for (i = 0, nes = 0; encsalts[i]; i++) { @@ -93,7 +95,8 @@ static int new_ipapwd_encsalt(krb5_context krbctx, enc = strdup(encsalts[i]); if (!enc) { LOG_OOM(); - return LDAP_OPERATIONS_ERROR; + rc = LDAP_OPERATIONS_ERROR; + goto fail; } salt = strchr(enc, ':'); if (!salt) { @@ -133,6 +136,10 @@ static int new_ipapwd_encsalt(krb5_context krbctx, *num_es_types = nes; return LDAP_SUCCESS; + +fail: + free(es); + return rc; } static struct ipapwd_krbcfg *ipapwd_getConfig(void) diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_encoding.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_encoding.c index c19c5a566311d5c61d270ee33424a9ffdd473655..129320340284b36abfeda2694396f25467227e52 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_encoding.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd_encoding.c @@ -280,7 +280,7 @@ static Slapi_Value **encrypt_encode_key(struct ipapwd_krbcfg *krbcfg, if (!krbPrincipalName) { *errMesg = "no krbPrincipalName present in this entry\n"; LOG_FATAL("%s", *errMesg); - return NULL; + goto enc_error; } krberr = krb5_parse_name(krbctx, krbPrincipalName, &princ); @@ -680,6 +680,7 @@ static int encode_ntlm_keys(char *newPasswd, ucs2Passwd = calloc(ol, 1); if (!ucs2Passwd) { ret = -1; + iconv_close(cd); goto done; } @@ -735,6 +736,11 @@ int ipapwd_gen_hashes(struct ipapwd_krbcfg *krbcfg, { int rc; + *svals = NULL; + *nthash = NULL; + *lmhash = NULL; + *errMesg = NULL; + if (is_krb) { *svals = encrypt_encode_key(krbcfg, data, errMesg); @@ -778,6 +784,11 @@ int ipapwd_gen_hashes(struct ipapwd_krbcfg *krbcfg, done: + /* when error, free possibly allocated output parameters */ + if (rc) { + ipapwd_free_slapi_value_array(svals); + } + return rc; } -- 1.7.3.4
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
