[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett Fri, 15 Jun 2018 14:08:24 -0700

The branch, master has been updated
       via  3ca1c09 Fix several mem leaks in ldb_index ldb_search ldb_tdb
      from  f4f3abf ldb_tdb: Use mem_ctx and so avoid leak onto long-term 
memory on duplicated add.


https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3ca1c09f686fbfa9257cd95710dba4a98c3eeb8f
Author: Andrej Gessel <andrej.ges...@janztec.com>
Date:   Thu Jun 14 12:19:29 2018 +0200

    Fix several mem leaks in ldb_index ldb_search ldb_tdb
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13475
    
    Signed-off-by: Andrej Gessel <andrej.ges...@janztec.com>
    Reviewed-by: Jeremy Allison <j...@samba.org>
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    
    Autobuild-User(master): Andrew Bartlett <abart...@samba.org>
    Autobuild-Date(master): Fri Jun 15 23:07:25 CEST 2018 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 lib/ldb/ldb_tdb/ldb_index.c  | 5 +++++
 lib/ldb/ldb_tdb/ldb_search.c | 7 ++++---
 lib/ldb/ldb_tdb/ldb_tdb.c    | 2 ++
 3 files changed, 11 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 04ffbad..d59b4b1 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -416,6 +416,7 @@ normal_index:
                                      "expected %d for %s",
                                      version, LTDB_INDEXING_VERSION,
                                      ldb_dn_get_linearized(dn));
+                       talloc_free(msg);
                        return LDB_ERR_OPERATIONS_ERROR;
                }
 
@@ -433,14 +434,17 @@ normal_index:
                                      "expected %d for %s",
                                      version, LTDB_GUID_INDEXING_VERSION,
                                      ldb_dn_get_linearized(dn));
+                       talloc_free(msg);
                        return LDB_ERR_OPERATIONS_ERROR;
                }
 
                if (el->num_values == 0) {
+                       talloc_free(msg);
                        return LDB_ERR_OPERATIONS_ERROR;
                }
 
                if ((el->values[0].length % LTDB_GUID_SIZE) != 0) {
+                       talloc_free(msg);
                        return LDB_ERR_OPERATIONS_ERROR;
                }
 
@@ -521,6 +525,7 @@ int ltdb_key_dn_from_idx(struct ldb_module *module,
                        const int flags = LDB_UNPACK_DATA_FLAG_NO_ATTRS;
                        struct ldb_message *rec = ldb_msg_new(ldb);
                        if (rec == NULL) {
+                               TALLOC_FREE(list);
                                return LDB_ERR_OPERATIONS_ERROR;
                        }
 
diff --git a/lib/ldb/ldb_tdb/ldb_search.c b/lib/ldb/ldb_tdb/ldb_search.c
index cfc3714..18f8405 100644
--- a/lib/ldb/ldb_tdb/ldb_search.c
+++ b/lib/ldb/ldb_tdb/ldb_search.c
@@ -397,7 +397,7 @@ int ltdb_filter_attrs(TALLOC_CTX *mem_ctx,
        /* Shortcuts for the simple cases */
        } else if (add_dn && i == 1) {
                if (msg_add_distinguished_name(msg2) != 0) {
-                       return -1;
+                       goto failed;
                }
                *filtered_msg = msg2;
                return 0;
@@ -463,7 +463,7 @@ int ltdb_filter_attrs(TALLOC_CTX *mem_ctx,
 
        if (add_dn) {
                if (msg_add_distinguished_name(msg2) != 0) {
-                       return -1;
+                       goto failed;
                }
        }
 
@@ -472,7 +472,7 @@ int ltdb_filter_attrs(TALLOC_CTX *mem_ctx,
                                                struct ldb_message_element,
                                                msg2->num_elements);
                if (msg2->elements == NULL) {
-                       return -1;
+                       goto failed;
                }
        } else {
                talloc_free(msg2->elements);
@@ -483,6 +483,7 @@ int ltdb_filter_attrs(TALLOC_CTX *mem_ctx,
 
        return 0;
 failed:
+       TALLOC_FREE(msg2);
        return -1;
 }
 
diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c
index 51d6087..daf9a77 100644
--- a/lib/ldb/ldb_tdb/ldb_tdb.c
+++ b/lib/ldb/ldb_tdb/ldb_tdb.c
@@ -485,6 +485,7 @@ int ltdb_store(struct ldb_module *module, const struct 
ldb_message *msg, int flg
        }
 
        if (ltdb->read_only) {
+               talloc_free(tdb_key_ctx);
                return LDB_ERR_UNWILLING_TO_PERFORM;
        }
 
@@ -732,6 +733,7 @@ int ltdb_delete_noindex(struct ldb_module *module,
        }
 
        if (ltdb->read_only) {
+               talloc_free(tdb_key_ctx);
                return LDB_ERR_UNWILLING_TO_PERFORM;
        }
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

Reply via email to