upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-23 08:09:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#3922 don't leak ber buffer on decode/parse errors

Browse source
This commit is contained in:
Howard Chu 2005-08-09 00:26:39 +00:00
parent 28be8691cc
commit c30992f05e
1 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
servers/slapd/overlays/syncprov.c
View file

@ -2286,7 +2286,8 @@ static int syncprov_parseCtrl (
LDAPControl *ctrl ) LDAPControl *ctrl )
{ {
ber_tag_t tag; ber_tag_t tag;
BerElement *ber; BerElementBuffer berbuf;
BerElement *ber = (BerElement *)&berbuf;
ber_int_t mode; ber_int_t mode;
ber_len_t len; ber_len_t len;
struct berval cookie = BER_BVNULL; struct berval cookie = BER_BVNULL;
@ -2320,11 +2321,7 @@ static int syncprov_parseCtrl (
* } * }
*/ */
ber = ber_init( &ctrl->ldctl_value ); ber_init2( ber, &ctrl->ldctl_value, 0 );
if( ber == NULL ) {
rs->sr_text = "internal error";
return LDAP_OTHER;
}
if ( (tag = ber_scanf( ber, "{i" /*}*/, &mode )) == LBER_ERROR ) { if ( (tag = ber_scanf( ber, "{i" /*}*/, &mode )) == LBER_ERROR ) {
rs->sr_text = "Sync control : mode decoding error"; rs->sr_text = "Sync control : mode decoding error";
@ -2364,14 +2361,16 @@ static int syncprov_parseCtrl (
sr = op->o_tmpcalloc( 1, sizeof(struct sync_control), op->o_tmpmemctx ); sr = op->o_tmpcalloc( 1, sizeof(struct sync_control), op->o_tmpmemctx );
sr->sr_rhint = rhint; sr->sr_rhint = rhint;
if (!BER_BVISNULL(&cookie)) { if (!BER_BVISNULL(&cookie)) {
ber_dupbv( &sr->sr_state.octet_str, &cookie ); ber_dupbv_x( &sr->sr_state.octet_str, &cookie, op->o_tmpmemctx );
slap_parse_sync_cookie( &sr->sr_state, op->o_tmpmemctx ); slap_parse_sync_cookie( &sr->sr_state, op->o_tmpmemctx );
if ( sr->sr_state.rid == -1 ) {
rs->sr_text = "Sync control : cookie parsing error";
return LDAP_PROTOCOL_ERROR;
}
} }
op->o_controls[slap_cids.sc_LDAPsync] = sr; op->o_controls[slap_cids.sc_LDAPsync] = sr;
(void) ber_free( ber, 1 );
op->o_sync = ctrl->ldctl_iscritical op->o_sync = ctrl->ldctl_iscritical
? SLAP_CONTROL_CRITICAL ? SLAP_CONTROL_CRITICAL
: SLAP_CONTROL_NONCRITICAL; : SLAP_CONTROL_NONCRITICAL;