svn rev #24984: trunk/src/plugins/kdb/ldap/libkdb_ldap/

ghudson@MIT.EDU ghudson at MIT.EDU
Thu Jun 23 15:25:51 EDT 2011


http://src.mit.edu/fisheye/changelog/krb5/?cs=24984
Commit By: ghudson
Log Message:
ticket: 6924
subject: Fix multiple libkdb_ldap memory leaks

* krb5_ldap_policydn_to_name wasn't freeing rdn, and was using the
  wrong function to free dn, in the HAVE_LDAP_STR2DN case.
* populate_krb5_db_entry wasn't freeing the tl_data generated from
  ber_tl_data.
* populate_krb5_db_entry was using the wrong function to free
  a password policy when finding pw_max_life.
* krb5_ldap_put_principal wasn't freeing ber_tl_data.
* krb5_update_tl_kadm_data had a bad contract.  Change the contract
  to be more like krb5_dbe_update_mod_princ_data and simplify its
  memory management.


Changed Files:
U   trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
U   trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
U   trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c
U   trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.h
Modified: trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
===================================================================
--- trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c	2011-06-23 19:03:34 UTC (rev 24983)
+++ trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c	2011-06-23 19:25:51 UTC (rev 24984)
@@ -1663,7 +1663,9 @@
         LDAPDN dn;
         rdn = strndup(policy_dn, len2 - len1 - 1); /* 1 character for ',' */
 
-        if (ldap_str2dn (rdn, &dn, LDAP_DN_FORMAT_LDAPV3 | LDAP_DN_PEDANTIC) != 0) {
+        st = ldap_str2dn(rdn, &dn, LDAP_DN_FORMAT_LDAPV3 | LDAP_DN_PEDANTIC);
+        free(rdn);
+        if (st != 0) {
             st = EINVAL;
             goto cleanup;
         }
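Review bot: The result of `strndup` is passed to `ldap_str2dn` without a NULL check, so an allocation failure hands a null string to the DN parser; the added `free(rdn)` fixes the leak but not this. Add `if (rdn == NULL) { st = ENOMEM; goto cleanup; }` directly after the `strndup` line. The length `len2 - len1 - 1` is computed outside this hunk, so confirm it cannot underflow when the policy DN has no component in front of the container DN. The enclosing block starts and ends outside the hunk.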
@@ -1677,7 +1679,7 @@
                 st = EINVAL;
         }
 
-        ldap_memfree (dn);
+        ldap_dnfree(dn);
     }
 #elif defined HAVE_LDAP_EXPLODE_DN
     {
@@ -1954,18 +1956,14 @@
                                  &attr_present)) != 0)
         goto cleanup;
     if (attr_present == TRUE) {
-        krb5_tl_data  kadm_tl_data;
-
         mask |= KDB_PWD_POL_REF_ATTR;
 
         /* Ensure that the policy is inside the realm container */
         if ((st = krb5_ldap_policydn_to_name (context, pwdpolicydn, &polname)) != 0)
             goto cleanup;
 
-        if ((st = krb5_update_tl_kadm_data(polname, &kadm_tl_data)) != 0) {
+        if ((st = krb5_update_tl_kadm_data(context, entry, polname)) != 0)
             goto cleanup;
-        }
-        krb5_dbe_update_tl_data(context, entry, &kadm_tl_data);
     }
 
     /* KRBSECRETKEY */
@@ -2073,7 +2071,10 @@
             for (i = 0; ber_tl_data[i] != NULL; i++) {
                 if ((st = berval2tl_data (ber_tl_data[i] , &ptr)) != 0)
                     break;
-                if ((st = krb5_dbe_update_tl_data(context, entry, ptr)) != 0)
+                st = krb5_dbe_update_tl_data(context, entry, ptr);
+                free(ptr->tl_data_contents);
+                free(ptr);
+                if (st != 0)
                     break;
             }
             ldap_value_free_len (ber_tl_data);
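Review bot: Freeing `ptr` and `ptr->tl_data_contents` straight after `krb5_dbe_update_tl_data` is safe only if that call copies the contents into `entry` rather than keeping the pointer. The princ_xdr.c change in this commit relies on the same behaviour, so it looks intended, but it deserves a comment at the call, e.g. `/* update_tl_data copies the contents; release our decoded copy either way */`. Separately, when `berval2tl_data` fails the loop breaks without touching `ptr`; whether that helper can leave a partly allocated `ptr` behind is not visible here and should be checked. The enclosing function continues outside the hunk.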
@@ -2134,7 +2135,7 @@
         if ((st=krb5_ldap_get_password_policy(context, polname, &pwdpol)) != 0)
             goto cleanup;
         pw_max_life = pwdpol->pw_max_life;
-        free (pwdpol);
+        krb5_ldap_free_password_policy(context, pwdpol);
 
         if (pw_max_life > 0) {
             if ((st=krb5_dbe_lookup_last_pwd_change(context, entry, &last_pw_changed)) != 0)

Modified: trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
===================================================================
--- trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c	2011-06-23 19:03:34 UTC (rev 24983)
+++ trunk/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c	2011-06-23 19:25:51 UTC (rev 24984)
@@ -1102,18 +1102,18 @@
                     break;
                 j++;
             }
-            if (st != 0) {
-                for (j = 0; ber_tl_data[j] != NULL; j++) {
-                    free (ber_tl_data[j]->bv_val);
-                    free (ber_tl_data[j]);
-                }
-                free (ber_tl_data);
-                goto cleanup;
+            if (st == 0) {
+                ber_tl_data[count] = NULL;
+                st=krb5_add_ber_mem_ldap_mod(&mods, "krbExtraData",
+                                             LDAP_MOD_REPLACE |
+                                             LDAP_MOD_BVALUES, ber_tl_data);
             }
-            ber_tl_data[count] = NULL;
-            if ((st=krb5_add_ber_mem_ldap_mod(&mods, "krbExtraData",
-                                              LDAP_MOD_REPLACE | LDAP_MOD_BVALUES,
-                                              ber_tl_data)) != 0)
+            for (j = 0; ber_tl_data[j] != NULL; j++) {
+                free(ber_tl_data[j]->bv_val);
+                free(ber_tl_data[j]);
+            }
+            free(ber_tl_data);
+            if (st != 0)
                 goto cleanup;
         }
         if ((st=krb5_dbe_lookup_last_admin_unlock(context, entry,
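Review bot: On the failure path the cleanup loop walks `ber_tl_data` until it meets a NULL slot, but `ber_tl_data[count] = NULL` is now set only when `st == 0`. The loop therefore terminates correctly only if the array was zero-filled when it was allocated, which happens outside this hunk; if it was, say so above the loop, e.g. `/* ber_tl_data is zero-initialised, so this stops at the first unfilled slot */`. Freeing the bervals right after `krb5_add_ber_mem_ldap_mod` also assumes that helper copies them into `mods`, which should be confirmed against its definition.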

Modified: trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c
===================================================================
--- trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c	2011-06-23 19:03:34 UTC (rev 24983)
+++ trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c	2011-06-23 19:25:51 UTC (rev 24984)
@@ -200,33 +200,28 @@
 }
 
 krb5_error_code
-krb5_update_tl_kadm_data(policy_dn, new_tl_data)
-    char	        * policy_dn;
-    krb5_tl_data        * new_tl_data;
+krb5_update_tl_kadm_data(krb5_context context, krb5_db_entry *entry,
+			 char *policy_dn)
 {
     XDR xdrs;
-    osa_princ_ent_t princ_entry;
+    osa_princ_ent_rec princ_entry;
+    krb5_tl_data tl_data;
+    krb5_error_code retval;
 
-    if ((princ_entry = (osa_princ_ent_t) malloc(sizeof(osa_princ_ent_rec))) == NULL)
-	return ENOMEM;
+    memset(&princ_entry, 0, sizeof(osa_princ_ent_rec));
+    princ_entry.admin_history_kvno = 2;
+    princ_entry.aux_attributes = KADM5_POLICY;
+    princ_entry.policy = policy_dn;
 
-    memset(princ_entry, 0, sizeof(osa_princ_ent_rec));
-    princ_entry->admin_history_kvno = 2;
-    princ_entry->aux_attributes = KADM5_POLICY;
-    princ_entry->policy = policy_dn;
-
     xdralloc_create(&xdrs, XDR_ENCODE);
-    if (! ldap_xdr_osa_princ_ent_rec(&xdrs, princ_entry)) {
+    if (! ldap_xdr_osa_princ_ent_rec(&xdrs, &princ_entry)) {
 	xdr_destroy(&xdrs);
-	return(KADM5_XDR_FAILURE);
+	return KADM5_XDR_FAILURE;
     }
-    new_tl_data->tl_data_type = KRB5_TL_KADM_DATA;
-    new_tl_data->tl_data_length = xdr_getpos(&xdrs);
-    new_tl_data->tl_data_contents = (krb5_octet *)xdralloc_getdata(&xdrs);
-
-    /*
-      xdr_destroy(&xdrs);
-      ldap_osa_free_princ_ent(princ_entry);
-    */
-    return(0);
+    tl_data.tl_data_type = KRB5_TL_KADM_DATA;
+    tl_data.tl_data_length = xdr_getpos(&xdrs);
+    tl_data.tl_data_contents = (krb5_octet *)xdralloc_getdata(&xdrs);
+    retval = krb5_dbe_update_tl_data(context, entry, &tl_data);
+    xdr_destroy(&xdrs);
+    return retval;
 }
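Review bot: `krb5_update_tl_kadm_data` gets a new ownership contract here but no comment stating it. A short header comment should say that the function encodes a KADM_DATA record naming the policy, hands the encoded bytes to `krb5_dbe_update_tl_data` for `entry`, releases the XDR buffer itself on both paths, and neither keeps nor frees `policy_dn`. The parameter is still called `policy_dn` although the caller in ldap_misc.c passes `polname`, the output of `krb5_ldap_policydn_to_name`; renaming it to `policy_name` here and in princ_xdr.h would match what ends up in `princ_entry.policy`.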

Modified: trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.h
===================================================================
--- trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.h	2011-06-23 19:03:34 UTC (rev 24983)
+++ trunk/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.h	2011-06-23 19:25:51 UTC (rev 24984)
@@ -56,6 +56,7 @@
 krb5_lookup_tl_kadm_data(krb5_tl_data *tl_data, osa_princ_ent_rec *princ_entry);
 
 krb5_error_code
-krb5_update_tl_kadm_data(char *, krb5_tl_data *);
+krb5_update_tl_kadm_data(krb5_context context, krb5_db_entry *entry,
+			 char *policy_dn);
 
 #endif



