Blame SOURCES/0056-Ticket-49534-Fix-coverity-issues-and-regression.patch

b045b9
From 961a1d68274453a9a0e79acdd4a3d6e3da146722 Mon Sep 17 00:00:00 2001
b045b9
From: Mark Reynolds <mreynolds@redhat.com>
b045b9
Date: Tue, 16 Jan 2018 10:14:34 -0500
b045b9
Subject: [PATCH] Ticket 49534 - Fix coverity issues and regression
b045b9
b045b9
Description:  Fix regression introdcued in the previous coverity patch.
b045b9
b045b9
              Also fixed many other coverity issues.
b045b9
b045b9
https://pagure.io/389-ds-base/issue/49534
b045b9
b045b9
Reviewed by:  wibrown, tbordaz, lkrispen(Thanks!)
b045b9
b045b9
(cherry picked from commit 7658232cc427a5c46e94989eec9195f0392ee540)
b045b9
---
b045b9
 ldap/servers/plugins/acl/acl.c                     |  6 ++++
b045b9
 ldap/servers/plugins/acl/acllas.c                  | 13 +++++--
b045b9
 ldap/servers/plugins/automember/automember.c       |  6 ++++
b045b9
 ldap/servers/plugins/cos/cos_cache.c               | 16 +++++++--
b045b9
 ldap/servers/plugins/memberof/memberof_config.c    |  8 ++---
b045b9
 ldap/servers/plugins/replication/cl5_clcache.c     |  9 +++--
b045b9
 .../plugins/replication/repl5_replica_config.c     |  3 --
b045b9
 ldap/servers/plugins/rootdn_access/rootdn_access.c |  7 +++-
b045b9
 ldap/servers/plugins/uiduniq/7bit.c                | 18 +++++-----
b045b9
 ldap/servers/plugins/views/views.c                 |  3 ++
b045b9
 ldap/servers/slapd/auth.c                          |  3 +-
b045b9
 ldap/servers/slapd/back-ldbm/dblayer.c             |  5 ++-
b045b9
 ldap/servers/slapd/back-ldbm/filterindex.c         |  2 +-
b045b9
 ldap/servers/slapd/back-ldbm/import-threads.c      | 10 +++---
b045b9
 ldap/servers/slapd/back-ldbm/index.c               |  3 +-
b045b9
 ldap/servers/slapd/back-ldbm/instance.c            |  4 +++
b045b9
 ldap/servers/slapd/back-ldbm/ldbm_add.c            | 18 +++++++---
b045b9
 .../slapd/back-ldbm/ldbm_attrcrypt_config.c        |  7 ++--
b045b9
 .../servers/slapd/back-ldbm/ldbm_instance_config.c |  2 +-
b045b9
 ldap/servers/slapd/back-ldbm/ldbm_search.c         |  4 +--
b045b9
 ldap/servers/slapd/back-ldbm/vlv.c                 |  2 +-
b045b9
 ldap/servers/slapd/back-ldbm/vlv_srch.c            |  2 +-
b045b9
 ldap/servers/slapd/backend.c                       |  2 +-
b045b9
 ldap/servers/slapd/compare.c                       |  7 ++--
b045b9
 ldap/servers/slapd/connection.c                    | 40 ++++++++++++----------
b045b9
 ldap/servers/slapd/control.c                       |  6 ++++
b045b9
 ldap/servers/slapd/dse.c                           |  5 +--
b045b9
 ldap/servers/slapd/eventq.c                        |  2 +-
b045b9
 ldap/servers/slapd/extendop.c                      | 10 +++---
b045b9
 ldap/servers/slapd/filter.c                        | 12 ++++---
b045b9
 ldap/servers/slapd/index_subsystem.c               |  2 +-
b045b9
 ldap/servers/slapd/main.c                          | 19 ++++++++--
b045b9
 ldap/servers/slapd/mapping_tree.c                  |  2 +-
b045b9
 ldap/servers/slapd/modify.c                        | 39 ++++++++++-----------
b045b9
 ldap/servers/slapd/opshared.c                      |  7 ++++
b045b9
 ldap/servers/slapd/passwd_extop.c                  |  4 +++
b045b9
 ldap/servers/slapd/plugin.c                        |  8 +++--
b045b9
 ldap/servers/slapd/plugin_internal_op.c            |  1 +
b045b9
 ldap/servers/slapd/psearch.c                       |  6 ++--
b045b9
 ldap/servers/slapd/pw.c                            |  3 +-
b045b9
 ldap/servers/slapd/pw_mgmt.c                       | 30 ++++++++++------
b045b9
 ldap/servers/slapd/result.c                        |  2 +-
b045b9
 ldap/servers/slapd/saslbind.c                      |  5 +++
b045b9
 ldap/servers/slapd/task.c                          |  5 +--
b045b9
 ldap/servers/slapd/util.c                          | 12 ++++---
b045b9
 ldap/servers/slapd/valueset.c                      | 10 ++++--
b045b9
 ldap/servers/slapd/vattr.c                         | 20 ++++++++---
b045b9
 ldap/servers/snmp/main.c                           | 19 ++++++----
b045b9
 48 files changed, 276 insertions(+), 153 deletions(-)
b045b9
b045b9
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
b045b9
index f10c9f6b5..bc154c78f 100644
b045b9
--- a/ldap/servers/plugins/acl/acl.c
b045b9
+++ b/ldap/servers/plugins/acl/acl.c
b045b9
@@ -437,6 +437,12 @@ acl_access_allowed(
b045b9
      * pointers to them--we must always start afresh (see psearch.c).
b045b9
     */
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &op);
b045b9
+    if (op == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, plugin_name,
b045b9
+                      "acl_access_allowed - NULL op\n");
b045b9
+        ret_val = LDAP_OPERATIONS_ERROR;
b045b9
+        goto cleanup_and_ret;
b045b9
+    }
b045b9
     if (operation_is_flag_set(op, OP_FLAG_PS) ||
b045b9
         (aclpb->aclpb_curr_entry_sdn == NULL) ||
b045b9
         (slapi_sdn_compare(aclpb->aclpb_curr_entry_sdn, e_sdn) != 0) ||
b045b9
diff --git a/ldap/servers/plugins/acl/acllas.c b/ldap/servers/plugins/acl/acllas.c
b045b9
index b9bea205c..3950fd405 100644
b045b9
--- a/ldap/servers/plugins/acl/acllas.c
b045b9
+++ b/ldap/servers/plugins/acl/acllas.c
b045b9
@@ -4260,7 +4260,7 @@ acllas_replace_attr_macro(char *rule, lasInfo *lasinfo)
b045b9
             /*
b045b9
              * working_rule is the first member of working_list.
b045b9
              * str points to the next $attr.attrName in working_rule.
b045b9
-             * each member of working_list needs to have each occurence of
b045b9
+             * each member of working_list needs to have each occurrence of
b045b9
              * $attr.atrName replaced with the value of attrName in e.
b045b9
              * If attrName is multi valued then this generates another
b045b9
              * list which replaces the old one.
b045b9
@@ -4273,8 +4273,7 @@ acllas_replace_attr_macro(char *rule, lasInfo *lasinfo)
b045b9
             str = strstr(macro_str, ".");
b045b9
             if (!str) {
b045b9
                 slapi_log_err(SLAPI_LOG_ERR, plugin_name,
b045b9
-                              "acllas_replace_attr_macro - Invalid macro \"%s\".",
b045b9
-                              macro_str);
b045b9
+                              "acllas_replace_attr_macro - Invalid macro \"%s\".", macro_str);
b045b9
                 slapi_ch_free_string(¯o_str);
b045b9
                 charray_free(working_list);
b045b9
                 return NULL;
b045b9
@@ -4282,10 +4281,18 @@ acllas_replace_attr_macro(char *rule, lasInfo *lasinfo)
b045b9
 
b045b9
             str++; /* skip the . */
b045b9
             l = acl_strstr(&str[0], ")");
b045b9
+            if (l == -1){
b045b9
+                slapi_log_err(SLAPI_LOG_ERR, plugin_name,
b045b9
+                              "acllas_replace_attr_macro - Invalid macro str \"%s\".", str);
b045b9
+                slapi_ch_free_string(¯o_str);
b045b9
+                charray_free(working_list);
b045b9
+                return NULL;
b045b9
+            }
b045b9
             macro_attr_name = slapi_ch_malloc(l + 1);
b045b9
             strncpy(macro_attr_name, &str[0], l);
b045b9
             macro_attr_name[l] = '\0';
b045b9
 
b045b9
+
b045b9
             slapi_entry_attr_find(e, macro_attr_name, &attr);
b045b9
             if (NULL == attr) {
b045b9
 
b045b9
diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c
b045b9
index 4c008e1f2..cbd25915a 100644
b045b9
--- a/ldap/servers/plugins/automember/automember.c
b045b9
+++ b/ldap/servers/plugins/automember/automember.c
b045b9
@@ -1047,6 +1047,7 @@ automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e)
b045b9
                         /* Order rules by target group DN */
b045b9
                         if (slapi_sdn_compare(rule->target_group_dn, curr_rule->target_group_dn) < 0) {
b045b9
                             PR_INSERT_BEFORE(&(rule->list), list);
b045b9
+                            rule = NULL;
b045b9
                             break;
b045b9
                         }
b045b9
 
b045b9
@@ -1055,9 +1056,11 @@ automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e)
b045b9
                         /* If we hit the end of the list, add to the tail. */
b045b9
                         if ((PRCList *)config->inclusive_rules == list) {
b045b9
                             PR_INSERT_BEFORE(&(rule->list), list);
b045b9
+                            rule = NULL;
b045b9
                             break;
b045b9
                         }
b045b9
                     }
b045b9
+                    automember_free_regex_rule(rule);
b045b9
                 } else {
b045b9
                     /* Add to head of list */
b045b9
                     PR_INSERT_LINK(&(rule->list), (PRCList *)config->inclusive_rules);
b045b9
@@ -1101,6 +1104,7 @@ automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e)
b045b9
                         /* Order rules by target group DN */
b045b9
                         if (slapi_sdn_compare(rule->target_group_dn, curr_rule->target_group_dn) < 0) {
b045b9
                             PR_INSERT_BEFORE(&(rule->list), list);
b045b9
+                            rule = NULL;
b045b9
                             break;
b045b9
                         }
b045b9
 
b045b9
@@ -1109,6 +1113,7 @@ automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e)
b045b9
                         /* If we hit the end of the list, add to the tail. */
b045b9
                         if ((PRCList *)config->exclusive_rules == list) {
b045b9
                             PR_INSERT_BEFORE(&(rule->list), list);
b045b9
+                            rule = NULL;
b045b9
                             break;
b045b9
                         }
b045b9
                     }
b045b9
@@ -1116,6 +1121,7 @@ automember_parse_regex_entry(struct configEntry *config, Slapi_Entry *e)
b045b9
                     /* Add to head of list */
b045b9
                     PR_INSERT_LINK(&(rule->list), (PRCList *)config->exclusive_rules);
b045b9
                 }
b045b9
+                automember_free_regex_rule(rule);
b045b9
             } else {
b045b9
                 slapi_log_err(SLAPI_LOG_ERR, AUTOMEMBER_PLUGIN_SUBSYSTEM,
b045b9
                               "automember_parse_regex_entry - Skipping invalid exclusive "
b045b9
diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c
b045b9
index 3b3c05783..5e0cf1725 100644
b045b9
--- a/ldap/servers/plugins/cos/cos_cache.c
b045b9
+++ b/ldap/servers/plugins/cos/cos_cache.c
b045b9
@@ -874,7 +874,7 @@ cos_dn_defs_cb(Slapi_Entry *e, void *callback_data)
b045b9
 
b045b9
     if (pCosAttribute && (!pCosTargetTree || !pCosTemplateDn)) {
b045b9
         /* get the parent of the definition */
b045b9
-        char *orig = slapi_dn_parent(pDn->val);
b045b9
+        char *orig = pDn ? slapi_dn_parent(pDn->val) : NULL;
b045b9
         char *parent = NULL;
b045b9
         if (orig) {
b045b9
             parent = slapi_create_dn_string("%s", orig);
b045b9
@@ -900,7 +900,7 @@ cos_dn_defs_cb(Slapi_Entry *e, void *callback_data)
b045b9
             slapi_log_err(SLAPI_LOG_ERR, COS_PLUGIN_SUBSYSTEM,
b045b9
                           "cos_dn_defs_cb - "
b045b9
                           "Failed to get parent dn of cos definition %s.\n",
b045b9
-                          pDn->val);
b045b9
+                          pDn ? pDn->val : "<none>");
b045b9
             if (!pCosTemplateDn) {
b045b9
                 if (!pCosTargetTree) {
b045b9
                     slapi_log_err(SLAPI_LOG_ERR, COS_PLUGIN_SUBSYSTEM, "cos_dn_defs_cb - cosTargetTree and cosTemplateDn are not set.\n");
b045b9
@@ -1843,6 +1843,13 @@ cos_cache_add_tmpl(cosTemplates **pTemplates, cosAttrValue *dn, cosAttrValue *ob
b045b9
 
b045b9
     slapi_log_err(SLAPI_LOG_TRACE, COS_PLUGIN_SUBSYSTEM, "--> cos_cache_add_tmpl\n");
b045b9
 
b045b9
+    if (dn == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, COS_PLUGIN_SUBSYSTEM,
b045b9
+                      "cos_cache_add_tmpl - param cosAttrValue dn is NULL\n");
b045b9
+        ret = -1;
b045b9
+        goto done;
b045b9
+    }
b045b9
+
b045b9
     /* create the attribute */
b045b9
     theTemp = (cosTemplates *)slapi_ch_malloc(sizeof(cosTemplates));
b045b9
     if (theTemp) {
b045b9
@@ -1851,7 +1858,9 @@ cos_cache_add_tmpl(cosTemplates **pTemplates, cosAttrValue *dn, cosAttrValue *ob
b045b9
         int index = 0;
b045b9
         int template_default = 0;
b045b9
         char *ptr = NULL;
b045b9
-        char *normed = slapi_create_dn_string("%s", dn->val);
b045b9
+        char *normed = NULL;
b045b9
+
b045b9
+        normed = slapi_create_dn_string("%s", dn->val);
b045b9
         if (normed) {
b045b9
             slapi_ch_free_string(&dn->val);
b045b9
             dn->val = normed;
b045b9
@@ -1964,6 +1973,7 @@ cos_cache_add_tmpl(cosTemplates **pTemplates, cosAttrValue *dn, cosAttrValue *ob
b045b9
         ret = -1;
b045b9
     }
b045b9
 
b045b9
+done:
b045b9
     slapi_log_err(SLAPI_LOG_TRACE, COS_PLUGIN_SUBSYSTEM, "<-- cos_cache_add_tmpl\n");
b045b9
     return ret;
b045b9
 }
b045b9
diff --git a/ldap/servers/plugins/memberof/memberof_config.c b/ldap/servers/plugins/memberof/memberof_config.c
b045b9
index 3f22d95d6..8a27f5250 100644
b045b9
--- a/ldap/servers/plugins/memberof/memberof_config.c
b045b9
+++ b/ldap/servers/plugins/memberof/memberof_config.c
b045b9
@@ -550,7 +550,7 @@ memberof_apply_config(Slapi_PBlock *pb __attribute__((unused)),
b045b9
         }
b045b9
 
b045b9
         /* Build the new list */
b045b9
-        for (i = 0; theConfig.groupattrs[i]; i++) {
b045b9
+        for (i = 0; theConfig.groupattrs && theConfig.groupattrs[i]; i++) {
b045b9
             theConfig.group_slapiattrs[i] = slapi_attr_new();
b045b9
             slapi_attr_init(theConfig.group_slapiattrs[i], theConfig.groupattrs[i]);
b045b9
         }
b045b9
@@ -572,7 +572,7 @@ memberof_apply_config(Slapi_PBlock *pb __attribute__((unused)),
b045b9
             bytes_out = snprintf(filter_str, filter_str_len - bytes_out, "(|");
b045b9
 
b045b9
             /* Add filter section for each groupattr. */
b045b9
-            for (i = 0; theConfig.groupattrs[i]; i++) {
b045b9
+            for (i = 0; theConfig.groupattrs && theConfig.groupattrs[i]; i++) {
b045b9
                 bytes_out += snprintf(filter_str + bytes_out, filter_str_len - bytes_out, "(%s=*)", theConfig.groupattrs[i]);
b045b9
             }
b045b9
 
b045b9
@@ -721,7 +721,7 @@ memberof_copy_config(MemberOfConfig *dest, MemberOfConfig *src)
b045b9
             }
b045b9
 
b045b9
             /* Count how many values we have in the source list. */
b045b9
-            for (j = 0; src->group_slapiattrs[j]; j++) {
b045b9
+            for (j = 0; src->group_slapiattrs && src->group_slapiattrs[j]; j++) {
b045b9
                 /* Do nothing. */
b045b9
             }
b045b9
 
b045b9
@@ -731,7 +731,7 @@ memberof_copy_config(MemberOfConfig *dest, MemberOfConfig *src)
b045b9
             }
b045b9
 
b045b9
             /* Copy the attributes. */
b045b9
-            for (i = 0; src->group_slapiattrs[i]; i++) {
b045b9
+            for (i = 0; src->group_slapiattrs && src->group_slapiattrs[i]; i++) {
b045b9
                 dest->group_slapiattrs[i] = slapi_attr_dup(src->group_slapiattrs[i]);
b045b9
             }
b045b9
 
b045b9
diff --git a/ldap/servers/plugins/replication/cl5_clcache.c b/ldap/servers/plugins/replication/cl5_clcache.c
b045b9
index 40985b9a7..a8477a83a 100644
b045b9
--- a/ldap/servers/plugins/replication/cl5_clcache.c
b045b9
+++ b/ldap/servers/plugins/replication/cl5_clcache.c
b045b9
@@ -676,7 +676,7 @@ clcache_initial_anchorcsn(CLC_Buffer *buf, int *flag)
b045b9
         buf->buf_state = CLC_STATE_DONE;
b045b9
     } else {
b045b9
         csn_init_by_csn(buf->buf_current_csn, anchorcsn);
b045b9
-        csn_as_string(buf->buf_current_csn, 0, (char *)buf->buf_key.data);
b045b9
+        buf->buf_key.data = csn_as_string(buf->buf_current_csn, 0, (char *)buf->buf_key.data);
b045b9
         slapi_log_err(SLAPI_LOG_REPL, "clcache_initial_anchorcsn",
b045b9
                       "anchor is now: %s\n", (char *)buf->buf_key.data);
b045b9
     }
b045b9
@@ -746,10 +746,9 @@ clcache_adjust_anchorcsn(CLC_Buffer *buf, int *flag)
b045b9
         buf->buf_state = CLC_STATE_DONE;
b045b9
     } else {
b045b9
         csn_init_by_csn(buf->buf_current_csn, anchorcsn);
b045b9
-        csn_as_string(buf->buf_current_csn, 0, (char *)buf->buf_key.data);
b045b9
-        slapi_log_err(SLAPI_LOG_REPL, buf->buf_agmt_name, "clcache_adjust_anchorcsn - "
b045b9
-                                                          "anchor is now: %s\n",
b045b9
-                      (char *)buf->buf_key.data);
b045b9
+        buf->buf_key.data = csn_as_string(buf->buf_current_csn, 0, (char *)buf->buf_key.data);
b045b9
+        slapi_log_err(SLAPI_LOG_REPL, buf->buf_agmt_name,
b045b9
+                      "clcache_adjust_anchorcsn - anchor is now: %s\n", (char *)buf->buf_key.data);
b045b9
     }
b045b9
 
b045b9
     return buf->buf_state;
b045b9
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
index 95b933bb8..bda333362 100644
b045b9
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
b045b9
@@ -2527,9 +2527,6 @@ add_cleaned_rid(cleanruv_data *cleanruv_data, char *maxcsn)
b045b9
     Replica *r;
b045b9
     char *forcing;
b045b9
 
b045b9
-    if (data == NULL) {
b045b9
-        return;
b045b9
-    }
b045b9
     rid = cleanruv_data->rid;
b045b9
     r = cleanruv_data->replica;
b045b9
     forcing = cleanruv_data->force;
b045b9
diff --git a/ldap/servers/plugins/rootdn_access/rootdn_access.c b/ldap/servers/plugins/rootdn_access/rootdn_access.c
b045b9
index b4db1202a..1cb999792 100644
b045b9
--- a/ldap/servers/plugins/rootdn_access/rootdn_access.c
b045b9
+++ b/ldap/servers/plugins/rootdn_access/rootdn_access.c
b045b9
@@ -459,7 +459,7 @@ rootdn_check_access(Slapi_PBlock *pb)
b045b9
     PRNetAddr *client_addr = NULL;
b045b9
     PRHostEnt *host_entry = NULL;
b045b9
     time_t curr_time;
b045b9
-    struct tm *timeinfo;
b045b9
+    struct tm *timeinfo = NULL;
b045b9
     char *dnsName = NULL;
b045b9
     int isRoot = 0;
b045b9
     int rc = SLAPI_PLUGIN_SUCCESS;
b045b9
@@ -478,6 +478,11 @@ rootdn_check_access(Slapi_PBlock *pb)
b045b9
     if (open_time || daysAllowed) {
b045b9
         curr_time = slapi_current_utc_time();
b045b9
         timeinfo = localtime(&curr_time);
b045b9
+        if (timeinfo == NULL) {
b045b9
+            slapi_log_err(SLAPI_LOG_ERR, ROOTDN_PLUGIN_SUBSYSTEM,
b045b9
+                "rootdn_check_access - Failed to get localtime\n");
b045b9
+            return -1;
b045b9
+        }
b045b9
     }
b045b9
     /*
b045b9
      *  First check TOD restrictions, continue through if we are in the open "window"
b045b9
diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c
b045b9
index b23e652cf..60fcbab93 100644
b045b9
--- a/ldap/servers/plugins/uiduniq/7bit.c
b045b9
+++ b/ldap/servers/plugins/uiduniq/7bit.c
b045b9
@@ -715,18 +715,18 @@ preop_modrdn(Slapi_PBlock *pb)
b045b9
 int
b045b9
 NS7bitAttr_Init(Slapi_PBlock *pb)
b045b9
 {
b045b9
-    int err = 0;
b045b9
+    int32_t err = 0;
b045b9
     Slapi_Entry *plugin_entry = NULL;
b045b9
     char *plugin_type = NULL;
b045b9
-    int preadd = SLAPI_PLUGIN_PRE_ADD_FN;
b045b9
-    int premod = SLAPI_PLUGIN_PRE_MODIFY_FN;
b045b9
-    int premdn = SLAPI_PLUGIN_PRE_MODRDN_FN;
b045b9
+    int32_t preadd = SLAPI_PLUGIN_PRE_ADD_FN;
b045b9
+    int32_t premod = SLAPI_PLUGIN_PRE_MODIFY_FN;
b045b9
+    int32_t premdn = SLAPI_PLUGIN_PRE_MODRDN_FN;
b045b9
 
b045b9
     BEGIN
b045b9
-    int attr_count = 0;
b045b9
-    int argc;
b045b9
-    char **argv;
b045b9
-    int valid_suffix = 0;
b045b9
+    int32_t attr_count = 0;
b045b9
+    int32_t argc = 0;
b045b9
+    char **argv = NULL;
b045b9
+    int32_t valid_suffix = 0;
b045b9
 
b045b9
     /* Declare plugin version */
b045b9
     err = slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION,
b045b9
@@ -752,7 +752,7 @@ NS7bitAttr_Init(Slapi_PBlock *pb)
b045b9
         break;
b045b9
 
b045b9
     err = slapi_pblock_get(pb, SLAPI_PLUGIN_ARGV, &argv);
b045b9
-    if (err)
b045b9
+    if (err || argv == NULL)
b045b9
         break;
b045b9
 
b045b9
     for (attr_count = 0; argv && argv[attr_count]; attr_count++) {
b045b9
diff --git a/ldap/servers/plugins/views/views.c b/ldap/servers/plugins/views/views.c
b045b9
index 6ba3e290d..6f784f599 100644
b045b9
--- a/ldap/servers/plugins/views/views.c
b045b9
+++ b/ldap/servers/plugins/views/views.c
b045b9
@@ -558,6 +558,9 @@ views_cache_index(void)
b045b9
         /* copy over the views */
b045b9
         for (i = 0; i < theCache.view_count; i++) {
b045b9
             theCache.ppViewIndex[i] = theView;
b045b9
+            if (theView == NULL){
b045b9
+                break;
b045b9
+            }
b045b9
             theView = theView->list.pNext;
b045b9
         }
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/auth.c b/ldap/servers/slapd/auth.c
b045b9
index b8e171b27..a2050b990 100644
b045b9
--- a/ldap/servers/slapd/auth.c
b045b9
+++ b/ldap/servers/slapd/auth.c
b045b9
@@ -463,7 +463,8 @@ handle_handshake_done(PRFileDesc *prfd, void *clientData)
b045b9
             slapi_log_access(LDAP_DEBUG_STATS,
b045b9
                              "conn=%" PRIu64 " %s %i-bit %s; client %s; issuer %s\n",
b045b9
                              conn->c_connid,
b045b9
-                             sslversion, keySize, cipher ? cipher : "NULL",
b045b9
+                             sslversion, keySize,
b045b9
+                             cipher ? cipher : "NULL",
b045b9
                              subject ? escape_string(subject, sbuf) : "NULL",
b045b9
                              issuer ? escape_string(issuer, ibuf) : "NULL");
b045b9
             if (issuer)
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
b045b9
index 9e557a24a..5d870e364 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
b045b9
@@ -3007,7 +3007,7 @@ dblayer_erase_index_file_ex(backend *be, struct attrinfo *a, PRBool use_lock, in
b045b9
     struct dblayer_private_env *pEnv = NULL;
b045b9
     ldbm_instance *inst = NULL;
b045b9
     dblayer_handle *handle = NULL;
b045b9
-    char dbName[MAXPATHLEN];
b045b9
+    char dbName[MAXPATHLEN] = {0};
b045b9
     char *dbNamep;
b045b9
     char *p;
b045b9
     int dbbasenamelen, dbnamelen;
b045b9
@@ -3098,8 +3098,7 @@ dblayer_erase_index_file_ex(backend *be, struct attrinfo *a, PRBool use_lock, in
b045b9
                     dbNamep = (char *)slapi_ch_realloc(dbNamep, dbnamelen);
b045b9
                 }
b045b9
                 p = dbNamep + dbbasenamelen;
b045b9
-                sprintf(p, "%c%s%s",
b045b9
-                        get_sep(dbNamep), a->ai_type, LDBM_FILENAME_SUFFIX);
b045b9
+                sprintf(p, "%c%s%s", get_sep(dbNamep), a->ai_type, LDBM_FILENAME_SUFFIX);
b045b9
                 rc = dblayer_db_remove_ex(pEnv, dbNamep, 0, 0);
b045b9
                 a->ai_dblayer = NULL;
b045b9
                 if (dbNamep != dbName)
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/filterindex.c b/ldap/servers/slapd/back-ldbm/filterindex.c
b045b9
index fd079077c..e8c3c2008 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/filterindex.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/filterindex.c
b045b9
@@ -563,7 +563,7 @@ range_candidates(
b045b9
 
b045b9
     /* Check if it is for bulk import. */
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &op);
b045b9
-    if (entryrdn_get_switch() && operation_is_flag_set(op, OP_FLAG_INTERNAL) &&
b045b9
+    if (entryrdn_get_switch() && op && operation_is_flag_set(op, OP_FLAG_INTERNAL) &&
b045b9
         operation_is_flag_set(op, OP_FLAG_BULK_IMPORT)) {
b045b9
         /* parentid is treated specially that is needed for the bulk import. (See #48755) */
b045b9
         operator= SLAPI_OP_RANGE_NO_IDL_SORT | SLAPI_OP_RANGE_NO_ALLIDS;
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/import-threads.c b/ldap/servers/slapd/back-ldbm/import-threads.c
b045b9
index b8cd9aaa0..0419865c9 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/import-threads.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/import-threads.c
b045b9
@@ -1664,8 +1664,7 @@ upgradedn_producer(void *param)
b045b9
                 slapi_ch_free_string(&rdn);
b045b9
             }
b045b9
         } else {
b045b9
-            e =
b045b9
-                slapi_str2entry(data.data, SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT);
b045b9
+            e = slapi_str2entry(data.data, SLAPI_STR2ENTRY_USE_OBSOLETE_DNFORMAT);
b045b9
             rdn = slapi_ch_strdup(slapi_entry_get_rdn_const(e));
b045b9
             if (NULL == rdn) {
b045b9
                 Slapi_RDN srdn;
b045b9
@@ -1683,6 +1682,7 @@ upgradedn_producer(void *param)
b045b9
             slapi_log_err(SLAPI_LOG_WARNING, "upgradedn_producer",
b045b9
                           "%s: Skipping badly formatted entry (id %lu)\n",
b045b9
                           inst->inst_name, (u_long)temp_id);
b045b9
+            slapi_ch_free_string(&rdn);
b045b9
             continue;
b045b9
         }
b045b9
 
b045b9
@@ -2183,6 +2183,7 @@ done:
b045b9
     free_IDarray(&dn_norm_sp_conflicts);
b045b9
     slapi_ch_free_string(&ecopy);
b045b9
     slapi_ch_free(&(data.data));
b045b9
+    slapi_ch_free_string(&rdn);
b045b9
     if (job->upgradefd) {
b045b9
         fclose(job->upgradefd);
b045b9
     }
b045b9
@@ -3783,7 +3784,7 @@ out:
b045b9
     slapi_ch_free_string(&search_scope);
b045b9
 
b045b9
 
b045b9
-    if (fd > 0) {
b045b9
+    if (fd >= 0) {
b045b9
         close(fd);
b045b9
     }
b045b9
 
b045b9
@@ -3949,8 +3950,7 @@ import_get_and_add_parent_rdns(ImportWorkerInfo *info,
b045b9
         rc = slapi_rdn_add_srdn_to_all_rdns(srdn, &mysrdn);
b045b9
         if (rc) {
b045b9
             slapi_log_err(SLAPI_LOG_ERR, "import_get_and_add_parent_rdns",
b045b9
-                          "Failed to merge Slapi_RDN %s to RDN\n",
b045b9
-                          slapi_sdn_get_dn(bdn->dn_sdn));
b045b9
+                          "Failed to merge Slapi_RDN to RDN\n");
b045b9
         }
b045b9
     bail:
b045b9
         slapi_ch_free(&data.data);
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
b045b9
index 587f4d991..7e1cdd0db 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/index.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/index.c
b045b9
@@ -749,7 +749,7 @@ index_add_mods(
b045b9
                                           mods[i]->mod_type,
b045b9
                                           &curr_attr);
b045b9
                     if (curr_attr) {
b045b9
-                        for (j = 0; mods_valueArray[j] != NULL; j++) {
b045b9
+                        for (j = 0; mods_valueArray && mods_valueArray[j] != NULL; j++) {
b045b9
                             if (!slapi_valueset_find(curr_attr, all_vals, mods_valueArray[j])) {
b045b9
                                 /*
b045b9
                                  * If the mod del value is not found in all_vals
b045b9
@@ -1054,6 +1054,7 @@ index_read_ext_allids(
b045b9
     for (retry_count = 0; retry_count < IDL_FETCH_RETRY_COUNT; retry_count++) {
b045b9
         *err = NEW_IDL_DEFAULT;
b045b9
         PRIntervalTime interval;
b045b9
+        idl_free(&idl);
b045b9
         idl = idl_fetch_ext(be, db, &key, db_txn, ai, err, allidslimit);
b045b9
         if (*err == DB_LOCK_DEADLOCK) {
b045b9
             ldbm_nasty("index_read_ext_allids", "index read retrying transaction", 1045, *err);
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/instance.c b/ldap/servers/slapd/back-ldbm/instance.c
b045b9
index d4715ab9c..7f9f423a5 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/instance.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/instance.c
b045b9
@@ -352,6 +352,10 @@ ldbm_instance_find_by_name(struct ldbminfo *li, char *name)
b045b9
     Object *inst_obj;
b045b9
     ldbm_instance *inst;
b045b9
 
b045b9
+    if (name == NULL) {
b045b9
+        return NULL;
b045b9
+    }
b045b9
+
b045b9
     inst_obj = objset_first_obj(li->li_instance_set);
b045b9
     while (inst_obj != NULL) {
b045b9
         inst = (ldbm_instance *)object_get_data(inst_obj);
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
b045b9
index f29945a7e..c93d44a65 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
b045b9
@@ -60,7 +60,7 @@ ldbm_back_add(Slapi_PBlock *pb)
b045b9
     ID pid;
b045b9
     int isroot;
b045b9
     char *errbuf = NULL;
b045b9
-    back_txn txn;
b045b9
+    back_txn txn = {0};
b045b9
     back_txnid parent_txn;
b045b9
     int retval = -1;
b045b9
     char *msg;
b045b9
@@ -96,6 +96,7 @@ ldbm_back_add(Slapi_PBlock *pb)
b045b9
     PRUint64 conn_id;
b045b9
     int op_id;
b045b9
     int result_sent = 0;
b045b9
+
b045b9
     if (slapi_pblock_get(pb, SLAPI_CONN_ID, &conn_id) < 0) {
b045b9
         conn_id = 0; /* connection is NULL */
b045b9
     }
b045b9
@@ -109,6 +110,11 @@ ldbm_back_add(Slapi_PBlock *pb)
b045b9
     slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
b045b9
     slapi_pblock_get(pb, SLAPI_BACKEND, &be);
b045b9
 
b045b9
+    if (operation == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "ldbm_back_add", "NULL operation\n");
b045b9
+        return LDAP_OPERATIONS_ERROR;
b045b9
+    }
b045b9
+
b045b9
     is_resurect_operation = operation_is_flag_set(operation, OP_FLAG_RESURECT_ENTRY);
b045b9
     is_tombstone_operation = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
b045b9
     is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP);
b045b9
@@ -126,6 +132,11 @@ ldbm_back_add(Slapi_PBlock *pb)
b045b9
         goto error_return;
b045b9
     }
b045b9
 
b045b9
+    if (e == NULL){
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "ldbm_back_add", "entry is NULL.\n");
b045b9
+        goto error_return;
b045b9
+    }
b045b9
+
b045b9
     /* sdn & parentsdn need to be initialized before "goto *_return" */
b045b9
     slapi_sdn_init(&parentsdn);
b045b9
 
b045b9
@@ -169,9 +180,8 @@ ldbm_back_add(Slapi_PBlock *pb)
b045b9
      * before we make our last abandon check to avoid race conditions in
b045b9
      * the code that processes abandon operations.
b045b9
      */
b045b9
-    if (operation) {
b045b9
-        operation->o_status = SLAPI_OP_STATUS_WILL_COMPLETE;
b045b9
-    }
b045b9
+    operation->o_status = SLAPI_OP_STATUS_WILL_COMPLETE;
b045b9
+
b045b9
     if (slapi_op_abandoned(pb)) {
b045b9
         ldap_result_code = -1; /* needs to distinguish from "success" */
b045b9
         goto error_return;
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c
b045b9
index e792c26cf..9ecb09903 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c
b045b9
@@ -124,8 +124,8 @@ ldbm_instance_attrcrypt_config_add_callback(Slapi_PBlock *pb __attribute__((unus
b045b9
 {
b045b9
     ldbm_instance *inst = (ldbm_instance *)arg;
b045b9
     char *attribute_name = NULL;
b045b9
-    int cipher = 0;
b045b9
-    int ret = 0;
b045b9
+    int32_t cipher = 0;
b045b9
+    int32_t ret = SLAPI_DSE_CALLBACK_OK;
b045b9
 
b045b9
     returntext[0] = '\0';
b045b9
 
b045b9
@@ -146,7 +146,6 @@ ldbm_instance_attrcrypt_config_add_callback(Slapi_PBlock *pb __attribute__((unus
b045b9
             *returncode = LDAP_UNWILLING_TO_PERFORM;
b045b9
             ret = SLAPI_DSE_CALLBACK_ERROR;
b045b9
         } else {
b045b9
-
b045b9
             ainfo_get(inst->inst_be, attribute_name, &ai);
b045b9
             /* If we couldn't find a non-default attrinfo, then that means
b045b9
              * that no indexing or encryption has yet been defined for this attribute
b045b9
@@ -172,9 +171,7 @@ ldbm_instance_attrcrypt_config_add_callback(Slapi_PBlock *pb __attribute__((unus
b045b9
                 *returncode = LDAP_UNWILLING_TO_PERFORM;
b045b9
                 ret = SLAPI_DSE_CALLBACK_ERROR;
b045b9
             }
b045b9
-            ret = SLAPI_DSE_CALLBACK_OK;
b045b9
         }
b045b9
-
b045b9
     } else {
b045b9
         ret = SLAPI_DSE_CALLBACK_ERROR;
b045b9
     }
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
b045b9
index c2e49d5ab..eb2603897 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
b045b9
@@ -1307,7 +1307,7 @@ ldbm_instance_delete_instance_entry_callback(Slapi_PBlock *pb __attribute__((unu
b045b9
                                              char *returntext,
b045b9
                                              void *arg)
b045b9
 {
b045b9
-    char *instance_name;
b045b9
+    char *instance_name = NULL;
b045b9
     struct ldbminfo *li = (struct ldbminfo *)arg;
b045b9
     struct ldbm_instance *inst = NULL;
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
b045b9
index 02a21bf92..8f3111813 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
b045b9
@@ -1157,7 +1157,7 @@ subtree_candidates(
b045b9
     slapi_pblock_get(pb, SLAPI_REQUESTOR_ISROOT, &isroot);
b045b9
     /* Check if it is for bulk import. */
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &op);
b045b9
-    if (entryrdn_get_switch() && operation_is_flag_set(op, OP_FLAG_INTERNAL) &&
b045b9
+    if (op && entryrdn_get_switch() && operation_is_flag_set(op, OP_FLAG_INTERNAL) &&
b045b9
         operation_is_flag_set(op, OP_FLAG_BULK_IMPORT)) {
b045b9
         is_bulk_import = PR_TRUE;
b045b9
     }
b045b9
@@ -1168,7 +1168,7 @@ subtree_candidates(
b045b9
      * since tombstone entries are not indexed in the ancestorid index.
b045b9
      * Note: they are indexed in the entryrdn index.
b045b9
      */
b045b9
-    if (candidates != NULL && (idl_length(candidates) > FILTER_TEST_THRESHOLD)) {
b045b9
+    if (candidates != NULL && (idl_length(candidates) > FILTER_TEST_THRESHOLD) && e) {
b045b9
         IDList *tmp = candidates, *descendants = NULL;
b045b9
         back_txn txn = {NULL};
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/vlv.c b/ldap/servers/slapd/back-ldbm/vlv.c
b045b9
index 9a1a1c63e..23825c2d5 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/vlv.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/vlv.c
b045b9
@@ -1518,7 +1518,7 @@ vlv_trim_candidates_byvalue(backend *be, const IDList *candidates, const sort_sp
b045b9
 {
b045b9
     PRUint32 si = 0; /* The Selected Index */
b045b9
     PRUint32 low = 0;
b045b9
-    PRUint32 high = candidates->b_nids - 1;
b045b9
+    PRUint32 high = 0;
b045b9
     PRUint32 current = 0;
b045b9
     ID id = NOID;
b045b9
     int found = 0;
b045b9
diff --git a/ldap/servers/slapd/back-ldbm/vlv_srch.c b/ldap/servers/slapd/back-ldbm/vlv_srch.c
b045b9
index e9780b590..c4c0875ad 100644
b045b9
--- a/ldap/servers/slapd/back-ldbm/vlv_srch.c
b045b9
+++ b/ldap/servers/slapd/back-ldbm/vlv_srch.c
b045b9
@@ -168,7 +168,7 @@ vlvSearch_init(struct vlvSearch *p, Slapi_PBlock *pb, const Slapi_Entry *e, ldbm
b045b9
 
b045b9
             /* switch context back to the DSE backend */
b045b9
             slapi_pblock_set(pb, SLAPI_BACKEND, oldbe);
b045b9
-            slapi_pblock_set(pb, SLAPI_PLUGIN, oldbe->be_database);
b045b9
+            slapi_pblock_set(pb, SLAPI_PLUGIN, oldbe ? oldbe->be_database: NULL);
b045b9
         }
b045b9
 
b045b9
         /* make (&(parentid=idofbase)(|(originalfilter)(objectclass=referral))) */
b045b9
diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c
b045b9
index fb3eb77a3..78c00a5a8 100644
b045b9
--- a/ldap/servers/slapd/backend.c
b045b9
+++ b/ldap/servers/slapd/backend.c
b045b9
@@ -171,7 +171,7 @@ slapi_be_issuffix(const Slapi_Backend *be, const Slapi_DN *suffix)
b045b9
     struct suffixlist *list;
b045b9
     int r = 0;
b045b9
     /* this backend is no longer valid */
b045b9
-    if (be->be_state != BE_STATE_DELETED) {
b045b9
+    if (be && be->be_state != BE_STATE_DELETED) {
b045b9
         int i = 0, count;
b045b9
 
b045b9
         count = slapi_counter_get_value(be->be_suffixcounter);
b045b9
diff --git a/ldap/servers/slapd/compare.c b/ldap/servers/slapd/compare.c
b045b9
index 2626d91d0..88a6c3599 100644
b045b9
--- a/ldap/servers/slapd/compare.c
b045b9
+++ b/ldap/servers/slapd/compare.c
b045b9
@@ -47,9 +47,11 @@ do_compare(Slapi_PBlock *pb)
b045b9
 
b045b9
     slapi_log_err(SLAPI_LOG_TRACE, "do_compare", "=>\n");
b045b9
 
b045b9
+    /* have to init this here so we can "done" it below if we short circuit */
b045b9
+    slapi_sdn_init(&sdn);
b045b9
+
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
-
b045b9
     if (pb_op == NULL || pb_conn == NULL) {
b045b9
         slapi_log_err(SLAPI_LOG_ERR, "do_compare", "NULL param: pb_conn (0x%p) pb_op (0x%p)\n",
b045b9
                       pb_conn, pb_op);
b045b9
@@ -62,9 +64,6 @@ do_compare(Slapi_PBlock *pb)
b045b9
     /* count the compare request */
b045b9
     slapi_counter_increment(g_get_global_snmp_vars()->ops_tbl.dsCompareOps);
b045b9
 
b045b9
-    /* have to init this here so we can "done" it below if we short circuit */
b045b9
-    slapi_sdn_init(&sdn);
b045b9
-
b045b9
     /*
b045b9
      * Parse the compare request.  It looks like this:
b045b9
      *
b045b9
diff --git a/ldap/servers/slapd/connection.c b/ldap/servers/slapd/connection.c
b045b9
index fa24ec040..5d2b64ed2 100644
b045b9
--- a/ldap/servers/slapd/connection.c
b045b9
+++ b/ldap/servers/slapd/connection.c
b045b9
@@ -1526,18 +1526,6 @@ connection_threadmain()
b045b9
                [blackflag 624234] */
b045b9
             ret = connection_wait_for_new_work(pb, interval);
b045b9
 
b045b9
-            /*
b045b9
-             * Connection wait for new work provides the conn and op for us.
b045b9
-             */
b045b9
-            slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
-            if (pb_conn == NULL) {
b045b9
-                slapi_log_err(SLAPI_LOG_ERR, "connection_threadmain",
b045b9
-                              "pb_conn is NULL\n");
b045b9
-                slapi_pblock_destroy(pb);
b045b9
-                g_decr_active_threadcnt();
b045b9
-                return;
b045b9
-            }
b045b9
-
b045b9
             switch (ret) {
b045b9
             case CONN_NOWORK:
b045b9
                 PR_ASSERT(interval != PR_INTERVAL_NO_TIMEOUT); /* this should never happen with PR_INTERVAL_NO_TIMEOUT */
b045b9
@@ -1550,15 +1538,22 @@ connection_threadmain()
b045b9
                 return;
b045b9
             case CONN_FOUND_WORK_TO_DO:
b045b9
                 /* note - don't need to lock here - connection should only
b045b9
-                       be used by this thread - since c_gettingber is set to 1
b045b9
-                       in connection_activity when the conn is added to the
b045b9
-                       work queue, setup_pr_read_pds won't add the connection prfd
b045b9
-                       to the poll list */
b045b9
+                   be used by this thread - since c_gettingber is set to 1
b045b9
+                   in connection_activity when the conn is added to the
b045b9
+                   work queue, setup_pr_read_pds won't add the connection prfd
b045b9
+                   to the poll list */
b045b9
+                slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
+                if (pb_conn == NULL) {
b045b9
+                    slapi_log_err(SLAPI_LOG_ERR, "connection_threadmain", "pb_conn is NULL\n");
b045b9
+                    slapi_pblock_destroy(pb);
b045b9
+                    g_decr_active_threadcnt();
b045b9
+                    return;
b045b9
+                }
b045b9
                 if (pb_conn->c_opscompleted == 0) {
b045b9
                     /*
b045b9
-                         * We have a new connection, set the anonymous reslimit idletimeout
b045b9
-                         * if applicable.
b045b9
-                         */
b045b9
+                     * We have a new connection, set the anonymous reslimit idletimeout
b045b9
+                     * if applicable.
b045b9
+                     */
b045b9
                     char *anon_dn = config_get_anon_limits_dn();
b045b9
                     int idletimeout;
b045b9
                     /* If an anonymous limits dn is set, use it to set the limits. */
b045b9
@@ -1578,6 +1573,7 @@ connection_threadmain()
b045b9
                     slapi_log_err(SLAPI_LOG_ERR, "connection_threadmain",
b045b9
                                   "Could not add/remove IO layers from connection\n");
b045b9
                 }
b045b9
+                break;
b045b9
             default:
b045b9
                 break;
b045b9
             }
b045b9
@@ -1604,6 +1600,12 @@ connection_threadmain()
b045b9
         /* Once we're here we have a pb */
b045b9
         slapi_pblock_get(pb, SLAPI_CONNECTION, &conn);
b045b9
         slapi_pblock_get(pb, SLAPI_OPERATION, &op);
b045b9
+        if (conn == NULL || op == NULL) {
b045b9
+            slapi_log_err(SLAPI_LOG_ERR, "connection_threadmain", "NULL param: conn (0x%p) op (0x%p)\n", conn, op);
b045b9
+            slapi_pblock_destroy(pb);
b045b9
+            g_decr_active_threadcnt();
b045b9
+            return;
b045b9
+        }
b045b9
         maxthreads = config_get_maxthreadsperconn();
b045b9
         more_data = 0;
b045b9
         ret = connection_read_operation(conn, op, &tag, &more_data);
b045b9
diff --git a/ldap/servers/slapd/control.c b/ldap/servers/slapd/control.c
b045b9
index 366ec7897..4fd8473be 100644
b045b9
--- a/ldap/servers/slapd/control.c
b045b9
+++ b/ldap/servers/slapd/control.c
b045b9
@@ -304,6 +304,12 @@ get_ldapmessage_controls_ext(
b045b9
 
b045b9
             Operation *pb_op = NULL;
b045b9
             slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
+            if (pb_op == NULL) {
b045b9
+                rc = LDAP_OPERATIONS_ERROR;
b045b9
+                slapi_log_err(SLAPI_LOG_ERR, "get_ldapmessage_controls_ext", "NULL pb_op\n");
b045b9
+                slapi_rwlock_unlock(supported_controls_lock);
b045b9
+                goto free_and_return;
b045b9
+            }
b045b9
 
b045b9
             if (supported_controls == NULL ||
b045b9
                 supported_controls[i] == NULL ||
b045b9
diff --git a/ldap/servers/slapd/dse.c b/ldap/servers/slapd/dse.c
b045b9
index 662e91aa7..932912c17 100644
b045b9
--- a/ldap/servers/slapd/dse.c
b045b9
+++ b/ldap/servers/slapd/dse.c
b045b9
@@ -1727,8 +1727,9 @@ dse_modify(Slapi_PBlock *pb) /* JCM There should only be one exit point from thi
b045b9
     }
b045b9
 
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
-    internal_op = operation_is_flag_set(pb_op, OP_FLAG_INTERNAL);
b045b9
-
b045b9
+    if (pb_op){
b045b9
+        internal_op = operation_is_flag_set(pb_op, OP_FLAG_INTERNAL);
b045b9
+    }
b045b9
     /* Find the entry we are about to modify. */
b045b9
     ec = dse_get_entry_copy(pdse, sdn, DSE_USE_LOCK);
b045b9
     if (ec == NULL) {
b045b9
diff --git a/ldap/servers/slapd/eventq.c b/ldap/servers/slapd/eventq.c
b045b9
index 8fccf38a8..a491acd0a 100644
b045b9
--- a/ldap/servers/slapd/eventq.c
b045b9
+++ b/ldap/servers/slapd/eventq.c
b045b9
@@ -462,7 +462,7 @@ slapi_eq_get_arg(Slapi_Eq_Context ctx)
b045b9
     slapi_eq_context **p;
b045b9
 
b045b9
     PR_ASSERT(eq_initialized);
b045b9
-    if (!eq_stopped) {
b045b9
+    if (eq && !eq_stopped) {
b045b9
         PR_Lock(eq->eq_lock);
b045b9
         p = &(eq->eq_queue);
b045b9
         while (p && *p != NULL) {
b045b9
diff --git a/ldap/servers/slapd/extendop.c b/ldap/servers/slapd/extendop.c
b045b9
index 815949be6..98595bcaa 100644
b045b9
--- a/ldap/servers/slapd/extendop.c
b045b9
+++ b/ldap/servers/slapd/extendop.c
b045b9
@@ -135,10 +135,12 @@ extop_handle_import_start(Slapi_PBlock *pb, char *extoid __attribute__((unused))
b045b9
      * connection block & mark this connection as belonging to a bulk import
b045b9
      */
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
-    PR_EnterMonitor(pb_conn->c_mutex);
b045b9
-    pb_conn->c_flags |= CONN_FLAG_IMPORT;
b045b9
-    pb_conn->c_bi_backend = be;
b045b9
-    PR_ExitMonitor(pb_conn->c_mutex);
b045b9
+    if (pb_conn) {
b045b9
+        PR_EnterMonitor(pb_conn->c_mutex);
b045b9
+        pb_conn->c_flags |= CONN_FLAG_IMPORT;
b045b9
+        pb_conn->c_bi_backend = be;
b045b9
+        PR_ExitMonitor(pb_conn->c_mutex);
b045b9
+    }
b045b9
 
b045b9
     slapi_pblock_set(pb, SLAPI_EXT_OP_RET_OID, EXTOP_BULK_IMPORT_START_OID);
b045b9
     bv.bv_val = NULL;
b045b9
diff --git a/ldap/servers/slapd/filter.c b/ldap/servers/slapd/filter.c
b045b9
index ef975e679..2ac3d2cd8 100644
b045b9
--- a/ldap/servers/slapd/filter.c
b045b9
+++ b/ldap/servers/slapd/filter.c
b045b9
@@ -686,11 +686,13 @@ slapi_filter_dup(Slapi_Filter *f)
b045b9
         outl = &out->f_list;
b045b9
         for (fl = f->f_list; fl != NULL; fl = fl->f_next) {
b045b9
             (*outl) = slapi_filter_dup(fl);
b045b9
-            (*outl)->f_next = 0;
b045b9
-            if (lastout)
b045b9
-                lastout->f_next = *outl;
b045b9
-            lastout = *outl;
b045b9
-            outl = &((*outl)->f_next);
b045b9
+            if (*outl){
b045b9
+                (*outl)->f_next = 0;
b045b9
+                if (lastout)
b045b9
+                    lastout->f_next = *outl;
b045b9
+                lastout = *outl;
b045b9
+                outl = &((*outl)->f_next);
b045b9
+            }
b045b9
         }
b045b9
         break;
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/index_subsystem.c b/ldap/servers/slapd/index_subsystem.c
b045b9
index 47ca90047..97cb7b489 100644
b045b9
--- a/ldap/servers/slapd/index_subsystem.c
b045b9
+++ b/ldap/servers/slapd/index_subsystem.c
b045b9
@@ -1179,7 +1179,7 @@ index_subsys_assign_decoder(Slapi_Filter *f)
b045b9
                          * have the same associated attributes configuration for now
b045b9
                          * though they may have different namespaces
b045b9
                          */
b045b9
-                        if (index_subsys_index_matches_index(f->assigned_decoder, index)) {
b045b9
+                        if (index_subsys_index_matches_index(f->assigned_decoder, index) && last) {
b045b9
                             /* add to end */
b045b9
                             last->list.pNext = index_subsys_index_shallow_dup(index);
b045b9
                             last = last->list.pNext;
b045b9
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
b045b9
index ddaceffea..e1493bb80 100644
b045b9
--- a/ldap/servers/slapd/main.c
b045b9
+++ b/ldap/servers/slapd/main.c
b045b9
@@ -683,13 +683,26 @@ main(int argc, char **argv)
b045b9
     {
b045b9
         char *s = getenv("DEBUG_SLEEP");
b045b9
         if ((s != NULL) && isdigit(*s)) {
b045b9
-            int secs = atoi(s);
b045b9
-            printf("slapd pid is %d\n", getpid());
b045b9
+            char *endp = NULL;
b045b9
+            int64_t secs;
b045b9
+            errno = 0;
b045b9
+
b045b9
+            secs = strtol(s, &endp, 10);
b045b9
+            if ( endp == s ||
b045b9
+                 *endp != '\0' ||
b045b9
+                 ((secs == LONG_MIN || secs == LONG_MAX) && errno == ERANGE) ||
b045b9
+                 secs < 1 )
b045b9
+            {
b045b9
+                /* Invalid value, default to 30 seconds */
b045b9
+                secs = 30;
b045b9
+            } else if (secs > 3600) {
b045b9
+                secs = 3600;
b045b9
+            }
b045b9
+            printf("slapd pid is %d - sleeping for %ld\n", getpid(), secs);
b045b9
             sleep(secs);
b045b9
         }
b045b9
     }
b045b9
 
b045b9
-
b045b9
     /* used to set configfile to the default config file name here */
b045b9
     if ((mcfg.myname = strrchr(argv[0], '/')) == NULL) {
b045b9
         mcfg.myname = slapi_ch_strdup(argv[0]);
b045b9
diff --git a/ldap/servers/slapd/mapping_tree.c b/ldap/servers/slapd/mapping_tree.c
b045b9
index 8cc531834..472a2f6aa 100644
b045b9
--- a/ldap/servers/slapd/mapping_tree.c
b045b9
+++ b/ldap/servers/slapd/mapping_tree.c
b045b9
@@ -2629,7 +2629,7 @@ mtn_get_be(mapping_tree_node *target_node, Slapi_PBlock *pb, Slapi_Backend **be,
b045b9
                     (target_node->mtn_be_states[*index] == SLAPI_BE_STATE_OFFLINE)) {
b045b9
                     slapi_log_err(SLAPI_LOG_TRACE, "mtn_get_be",
b045b9
                                   "Operation attempted on backend in OFFLINE state : %s\n",
b045b9
-                                  target_node->mtn_backend_names[*index]);
b045b9
+                                  target_node->mtn_backend_names ? target_node->mtn_backend_names[*index] : "Unknown backend");
b045b9
                     result = LDAP_OPERATIONS_ERROR;
b045b9
                     *be = defbackend_get_backend();
b045b9
                 }
b045b9
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
b045b9
index 10d263159..f2f6d1783 100644
b045b9
--- a/ldap/servers/slapd/modify.c
b045b9
+++ b/ldap/servers/slapd/modify.c
b045b9
@@ -123,7 +123,7 @@ do_modify(Slapi_PBlock *pb)
b045b9
 
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &operation);
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
-    if (operation == NULL) {
b045b9
+    if (operation == NULL || pb_conn == NULL) {
b045b9
         send_ldap_result(pb, LDAP_OPERATIONS_ERROR,
b045b9
                          NULL, "operation is NULL parameter", 0, NULL);
b045b9
         slapi_log_err(SLAPI_LOG_ERR, "do_modify",
b045b9
@@ -1156,6 +1156,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
     char *proxydn = NULL;
b045b9
     char *proxystr = NULL;
b045b9
     char *errtext = NULL;
b045b9
+    int32_t needpw = 0;
b045b9
 
b045b9
     slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
b045b9
     if (repl_op) {
b045b9
@@ -1169,24 +1170,23 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
     slapi_pblock_get(pb, SLAPI_REQUESTOR_ISROOT, &isroot);
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &operation);
b045b9
     slapi_pblock_get(pb, SLAPI_PWPOLICY, &pwresponse_req);
b045b9
-    internal_op = operation_is_flag_set(operation, OP_FLAG_INTERNAL);
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
+    slapi_sdn_init_dn_byref(&sdn, dn);
b045b9
 
b045b9
-    if (pb_conn == NULL || operation == NULL) {
b045b9
-        slapi_log_err(SLAPI_LOG_ERR, "op_shared_allow_pw_change",
b045b9
-                      "NULL param error: conn (0x%p) op (0x%p)\n", pb_conn, operation);
b045b9
+    if (operation == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "op_shared_allow_pw_change", "NULL operation\n");
b045b9
         rc = -1;
b045b9
         goto done;
b045b9
     }
b045b9
-
b045b9
-    slapi_sdn_init_dn_byref(&sdn, dn);
b045b9
-    pwpolicy = new_passwdPolicy(pb, (char *)slapi_sdn_get_ndn(&sdn));
b045b9
+    if (pb_conn) {
b045b9
+        needpw = pb_conn->c_needpw;
b045b9
+    }
b045b9
 
b045b9
     /* get the proxy auth dn if the proxy auth control is present */
b045b9
     if ((proxy_err = proxyauth_get_dn(pb, &proxydn, &errtext)) != LDAP_SUCCESS) {
b045b9
         if (operation_is_flag_set(operation, OP_FLAG_ACTION_LOG_ACCESS)) {
b045b9
             slapi_log_access(LDAP_DEBUG_STATS, "conn=%" PRIu64 " op=%d MOD dn=\"%s\"\n",
b045b9
-                             pb_conn->c_connid, operation->o_opid,
b045b9
+                             pb_conn ? pb_conn->c_connid: -1, operation->o_opid,
b045b9
                              slapi_sdn_get_dn(&sdn));
b045b9
         }
b045b9
 
b045b9
@@ -1195,6 +1195,9 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
         goto done;
b045b9
     }
b045b9
 
b045b9
+    pwpolicy = new_passwdPolicy(pb, (char *)slapi_sdn_get_ndn(&sdn));
b045b9
+    internal_op = operation_is_flag_set(operation, OP_FLAG_INTERNAL);
b045b9
+
b045b9
     /* internal operation has root permissions for subtrees it is allowed to access */
b045b9
     if (!internal_op) {
b045b9
         /* slapi_acl_check_mods needs an array of LDAPMods, but
b045b9
@@ -1225,7 +1228,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
                     proxystr = slapi_ch_smprintf(" authzid=\"%s\"", proxydn);
b045b9
                 }
b045b9
                 slapi_log_access(LDAP_DEBUG_STATS, "conn=%" PRIu64 " op=%d MOD dn=\"%s\"%s\n",
b045b9
-                                 pb_conn->c_connid, operation->o_opid,
b045b9
+                                 pb_conn ? pb_conn->c_connid : -1, operation->o_opid,
b045b9
                                  slapi_sdn_get_dn(&sdn), proxystr ? proxystr : "");
b045b9
             }
b045b9
 
b045b9
@@ -1254,7 +1257,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
 
b045b9
         /* Check if password policy allows users to change their passwords.*/
b045b9
         if (!operation->o_isroot && slapi_sdn_compare(&sdn, &operation->o_sdn) == 0 &&
b045b9
-            !pb_conn->c_needpw && !pwpolicy->pw_change) {
b045b9
+            !needpw && !pwpolicy->pw_change) {
b045b9
             if (pwresponse_req == 1) {
b045b9
                 slapi_pwpolicy_make_response_control(pb, -1, -1, LDAP_PWPOLICY_PWDMODNOTALLOWED);
b045b9
             }
b045b9
@@ -1267,7 +1270,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
                 }
b045b9
 
b045b9
                 slapi_log_access(LDAP_DEBUG_STATS, "conn=%" PRIu64 " op=%d MOD dn=\"%s\"%s, %s\n",
b045b9
-                                 pb_conn->c_connid, operation->o_opid,
b045b9
+                                 pb_conn ? pb_conn->c_connid : -1, operation->o_opid,
b045b9
                                  slapi_sdn_get_dn(&sdn),
b045b9
                                  proxystr ? proxystr : "",
b045b9
                                  "user is not allowed to change password");
b045b9
@@ -1280,8 +1283,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
 
b045b9
     /* check if password is within password minimum age;
b045b9
        error result is sent directly from check_pw_minage */
b045b9
-    if (pb_conn && !pb_conn->c_needpw &&
b045b9
-        check_pw_minage(pb, &sdn, mod->mod_bvalues) == 1) {
b045b9
+    if (!needpw && check_pw_minage(pb, &sdn, mod->mod_bvalues) == 1) {
b045b9
         if (operation_is_flag_set(operation, OP_FLAG_ACTION_LOG_ACCESS)) {
b045b9
             if (proxydn) {
b045b9
                 proxystr = slapi_ch_smprintf(" authzid=\"%s\"", proxydn);
b045b9
@@ -1289,7 +1291,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
 
b045b9
             if (!internal_op) {
b045b9
                 slapi_log_access(LDAP_DEBUG_STATS, "conn=%" PRIu64 " op=%d MOD dn=\"%s\"%s, %s\n",
b045b9
-                                 pb_conn->c_connid,
b045b9
+                                 pb_conn ? pb_conn->c_connid : -1,
b045b9
                                  operation->o_opid,
b045b9
                                  slapi_sdn_get_dn(&sdn),
b045b9
                                  proxystr ? proxystr : "",
b045b9
@@ -1303,17 +1305,14 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
                                  "within password minimum age");
b045b9
             }
b045b9
         }
b045b9
-
b045b9
         rc = -1;
b045b9
         goto done;
b045b9
     }
b045b9
 
b045b9
-
b045b9
     /* check password syntax; remember the old password;
b045b9
        error sent directly from check_pw_syntax function */
b045b9
     valuearray_init_bervalarray(mod->mod_bvalues, &values);
b045b9
-    switch (check_pw_syntax_ext(pb, &sdn, values, old_pw, NULL,
b045b9
-                                mod->mod_op, smods)) {
b045b9
+    switch (check_pw_syntax_ext(pb, &sdn, values, old_pw, NULL, mod->mod_op, smods)) {
b045b9
     case 0: /* success */
b045b9
         rc = 1;
b045b9
         break;
b045b9
@@ -1326,7 +1325,7 @@ op_shared_allow_pw_change(Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_M
b045b9
 
b045b9
             if (!internal_op) {
b045b9
                 slapi_log_access(LDAP_DEBUG_STATS, "conn=%" PRIu64 " op=%d MOD dn=\"%s\"%s, %s\n",
b045b9
-                                 pb_conn->c_connid,
b045b9
+                                 pb_conn ? pb_conn->c_connid : -1,
b045b9
                                  operation->o_opid,
b045b9
                                  slapi_sdn_get_dn(&sdn),
b045b9
                                  proxystr ? proxystr : "",
b045b9
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
b045b9
index 46dcf6fba..50b7ae8f6 100644
b045b9
--- a/ldap/servers/slapd/opshared.c
b045b9
+++ b/ldap/servers/slapd/opshared.c
b045b9
@@ -276,6 +276,13 @@ op_shared_search(Slapi_PBlock *pb, int send_result)
b045b9
     slapi_pblock_get(pb, SLAPI_SEARCH_STRFILTER, &fstr);
b045b9
     slapi_pblock_get(pb, SLAPI_SEARCH_ATTRS, &attrs);
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &operation);
b045b9
+    if (operation == NULL) {
b045b9
+        op_shared_log_error_access(pb, "SRCH", base, "NULL operation");
b045b9
+        send_ldap_result(pb, LDAP_OPERATIONS_ERROR, NULL, "NULL operation", 0, NULL);
b045b9
+        rc = -1;
b045b9
+        goto free_and_return_nolock;
b045b9
+    }
b045b9
+
b045b9
     internal_op = operation_is_flag_set(operation, OP_FLAG_INTERNAL);
b045b9
     flag_psearch = operation_is_flag_set(operation, OP_FLAG_PS);
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
diff --git a/ldap/servers/slapd/passwd_extop.c b/ldap/servers/slapd/passwd_extop.c
b045b9
index 40145af2e..5f21f2f71 100644
b045b9
--- a/ldap/servers/slapd/passwd_extop.c
b045b9
+++ b/ldap/servers/slapd/passwd_extop.c
b045b9
@@ -727,6 +727,10 @@ parse_req_done:
b045b9
       */
b045b9
     Operation *pb_op = NULL;
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
+    if (pb_op == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "passwd_modify_extop", "pb_op is NULL");
b045b9
+        goto free_and_return;
b045b9
+    }
b045b9
 
b045b9
     operation_set_target_spec(pb_op, slapi_entry_get_sdn(targetEntry));
b045b9
     slapi_pblock_set(pb, SLAPI_REQUESTOR_ISROOT, &pb_op->o_isroot);
b045b9
diff --git a/ldap/servers/slapd/plugin.c b/ldap/servers/slapd/plugin.c
b045b9
index e02133abc..2db3c7fcd 100644
b045b9
--- a/ldap/servers/slapd/plugin.c
b045b9
+++ b/ldap/servers/slapd/plugin.c
b045b9
@@ -3625,9 +3625,11 @@ plugin_invoke_plugin_pb(struct slapdplugin *plugin, int operation, Slapi_PBlock
b045b9
         return PR_TRUE;
b045b9
 
b045b9
     slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
-
b045b9
-
b045b9
-    PR_ASSERT(pb_op);
b045b9
+    if (pb_op == NULL) {
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "plugin_invoke_plugin_pb", "pb_op is NULL");
b045b9
+        PR_ASSERT(0);
b045b9
+        return PR_FALSE;
b045b9
+    }
b045b9
 
b045b9
     target_spec = operation_get_target_spec(pb_op);
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/plugin_internal_op.c b/ldap/servers/slapd/plugin_internal_op.c
b045b9
index 52b8df8c3..f6bbafb92 100644
b045b9
--- a/ldap/servers/slapd/plugin_internal_op.c
b045b9
+++ b/ldap/servers/slapd/plugin_internal_op.c
b045b9
@@ -527,6 +527,7 @@ internal_plugin_search_entry_callback(Slapi_Entry *e, void *callback_data)
b045b9
     this_entry = (Entry_Node *)slapi_ch_calloc(1, sizeof(Entry_Node));
b045b9
 
b045b9
     if ((this_entry->data = slapi_entry_dup(e)) == NULL) {
b045b9
+        slapi_ch_free((void**)&this_entry);
b045b9
         return (0);
b045b9
     }
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/psearch.c b/ldap/servers/slapd/psearch.c
b045b9
index 1bf062954..8ad268a85 100644
b045b9
--- a/ldap/servers/slapd/psearch.c
b045b9
+++ b/ldap/servers/slapd/psearch.c
b045b9
@@ -353,8 +353,8 @@ ps_send_results(void *arg)
b045b9
                 if (rc) {
b045b9
                     slapi_log_err(SLAPI_LOG_CONNS, "ps_send_results",
b045b9
                                   "conn=%" PRIu64 " op=%d Error %d sending entry %s with op status %d\n",
b045b9
-                                  pb_conn->c_connid, pb_op->o_opid,
b045b9
-                                  rc, slapi_entry_get_dn_const(ec), pb_op->o_status);
b045b9
+                                  pb_conn->c_connid, pb_op ? pb_op->o_opid: -1,
b045b9
+                                  rc, slapi_entry_get_dn_const(ec), pb_op ? pb_op->o_status : -1);
b045b9
                 }
b045b9
             }
b045b9
 
b045b9
@@ -401,7 +401,7 @@ ps_send_results(void *arg)
b045b9
 
b045b9
     slapi_log_err(SLAPI_LOG_CONNS, "ps_send_results",
b045b9
                   "conn=%" PRIu64 " op=%d Releasing the connection and operation\n",
b045b9
-                  conn->c_connid, pb_op->o_opid);
b045b9
+                  conn->c_connid, pb_op ? pb_op->o_opid : -1);
b045b9
     /* Delete this op from the connection's list */
b045b9
     connection_remove_operation_ext(ps->ps_pblock, conn, pb_op);
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/pw.c b/ldap/servers/slapd/pw.c
b045b9
index 0cf795b41..53464c64a 100644
b045b9
--- a/ldap/servers/slapd/pw.c
b045b9
+++ b/ldap/servers/slapd/pw.c
b045b9
@@ -1741,7 +1741,6 @@ new_passwdPolicy(Slapi_PBlock *pb, const char *dn)
b045b9
             pwdpolicy->pw_min8bit = SLAPD_DEFAULT_PW_MIN8BIT;
b045b9
             pwdpolicy->pw_maxrepeats = SLAPD_DEFAULT_PW_MAXREPEATS;
b045b9
             pwdpolicy->pw_mincategories = SLAPD_DEFAULT_PW_MINCATEGORIES;
b045b9
-            pwdpolicy->pw_mintokenlength = SLAPD_DEFAULT_PW_MINTOKENLENGTH;
b045b9
             pwdpolicy->pw_maxage = SLAPD_DEFAULT_PW_MAXAGE;
b045b9
             pwdpolicy->pw_minage = SLAPD_DEFAULT_PW_MINAGE;
b045b9
             pwdpolicy->pw_warning = SLAPD_DEFAULT_PW_WARNING;
b045b9
@@ -2229,7 +2228,7 @@ slapi_check_account_lock(Slapi_PBlock *pb, Slapi_Entry *bind_target_entry, int p
b045b9
     /*
b045b9
      * Check if the password policy has to be checked or not
b045b9
      */
b045b9
-    if (!check_password_policy || pwpolicy->pw_lockout == 0) {
b045b9
+    if (!check_password_policy || !pwpolicy || pwpolicy->pw_lockout == 0) {
b045b9
         goto notlocked;
b045b9
     }
b045b9
 
b045b9
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
b045b9
index 50bcbde99..602868470 100644
b045b9
--- a/ldap/servers/slapd/pw_mgmt.c
b045b9
+++ b/ldap/servers/slapd/pw_mgmt.c
b045b9
@@ -44,6 +44,7 @@ need_new_pw(Slapi_PBlock *pb, Slapi_Entry *e, int pwresponse_req)
b045b9
     char graceUserTime[16] = {0};
b045b9
     Connection *pb_conn = NULL;
b045b9
     long t;
b045b9
+    int needpw = 0;
b045b9
 
b045b9
     if (NULL == e) {
b045b9
         return (-1);
b045b9
@@ -91,6 +92,9 @@ need_new_pw(Slapi_PBlock *pb, Slapi_Entry *e, int pwresponse_req)
b045b9
     slapi_ch_free_string(&passwordExpirationTime);
b045b9
 
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
+    if (pb_conn) {
b045b9
+        needpw = pb_conn->c_needpw;
b045b9
+    }
b045b9
 
b045b9
     /* Check if password has been reset */
b045b9
     if (pw_exp_date == NO_TIME) {
b045b9
@@ -99,7 +103,11 @@ need_new_pw(Slapi_PBlock *pb, Slapi_Entry *e, int pwresponse_req)
b045b9
         if (pwpolicy->pw_must_change) {
b045b9
             /* set c_needpw for this connection to be true.  this client
b045b9
                now can only change its own password */
b045b9
-            pb_conn->c_needpw = 1;
b045b9
+            if (pb_conn){
b045b9
+                pb_conn->c_needpw = needpw = 1;
b045b9
+            } else {
b045b9
+                needpw = 1;
b045b9
+            }
b045b9
             t = 0;
b045b9
             /* We need to include "changeafterreset" error in
b045b9
              * passwordpolicy response control. So, we will not be
b045b9
@@ -121,7 +129,7 @@ skip:
b045b9
     /* if password never expires, don't need to go on; return 0 */
b045b9
     if (pwpolicy->pw_exp == 0) {
b045b9
         /* check for "changeafterreset" condition */
b045b9
-        if (pb_conn->c_needpw == 1) {
b045b9
+        if (needpw == 1) {
b045b9
             if (pwresponse_req) {
b045b9
                 slapi_pwpolicy_make_response_control(pb, -1, -1, LDAP_PWPOLICY_CHGAFTERRESET);
b045b9
             }
b045b9
@@ -150,7 +158,7 @@ skip:
b045b9
             slapi_mods_done(&smods);
b045b9
             if (pwresponse_req) {
b045b9
                 /* check for "changeafterreset" condition */
b045b9
-                if (pb_conn->c_needpw == 1) {
b045b9
+                if (needpw == 1) {
b045b9
                     slapi_pwpolicy_make_response_control(pb, -1,
b045b9
                                                          ((pwpolicy->pw_gracelimit) - pwdGraceUserTime),
b045b9
                                                          LDAP_PWPOLICY_CHGAFTERRESET);
b045b9
@@ -182,9 +190,11 @@ skip:
b045b9
         if (pb_conn && (LDAP_VERSION2 == pb_conn->c_ldapversion)) {
b045b9
             Operation *pb_op = NULL;
b045b9
             slapi_pblock_get(pb, SLAPI_OPERATION, &pb_op);
b045b9
-            /* We close the connection only with LDAPv2 connections */
b045b9
-            disconnect_server(pb_conn, pb_op->o_connid,
b045b9
-                              pb_op->o_opid, SLAPD_DISCONNECT_UNBIND, 0);
b045b9
+            if (pb_op) {
b045b9
+                /* We close the connection only with LDAPv2 connections */
b045b9
+                disconnect_server(pb_conn, pb_op->o_connid,
b045b9
+                                  pb_op->o_opid, SLAPD_DISCONNECT_UNBIND, 0);
b045b9
+            }
b045b9
         }
b045b9
         /* Apply current modifications */
b045b9
         pw_apply_mods(sdn, &smods);
b045b9
@@ -207,7 +217,7 @@ skip:
b045b9
             /* reset the expiration time to current + warning time
b045b9
              * and set passwordExpWarned to true
b045b9
              */
b045b9
-            if (pb_conn->c_needpw != 1) {
b045b9
+            if (needpw != 1) {
b045b9
                 pw_exp_date = time_plus_sec(cur_time, pwpolicy->pw_warning);
b045b9
             }
b045b9
 
b045b9
@@ -227,14 +237,14 @@ skip:
b045b9
         slapi_mods_done(&smods);
b045b9
         if (pwresponse_req) {
b045b9
             /* check for "changeafterreset" condition */
b045b9
-            if (pb_conn->c_needpw == 1) {
b045b9
+            if (needpw == 1) {
b045b9
                 slapi_pwpolicy_make_response_control(pb, t, -1, LDAP_PWPOLICY_CHGAFTERRESET);
b045b9
             } else {
b045b9
                 slapi_pwpolicy_make_response_control(pb, t, -1, -1);
b045b9
             }
b045b9
         }
b045b9
 
b045b9
-        if (pb_conn->c_needpw == 1) {
b045b9
+        if (needpw == 1) {
b045b9
             slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
b045b9
         } else {
b045b9
             slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRING, t);
b045b9
@@ -250,7 +260,7 @@ skip:
b045b9
     pw_apply_mods(sdn, &smods);
b045b9
     slapi_mods_done(&smods);
b045b9
     /* Leftover from "changeafterreset" condition */
b045b9
-    if (pb_conn->c_needpw == 1) {
b045b9
+    if (needpw == 1) {
b045b9
         slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRED, 0);
b045b9
     }
b045b9
     /* passes checking, return 0 */
b045b9
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
b045b9
index ce394d948..6892ccfdc 100644
b045b9
--- a/ldap/servers/slapd/result.c
b045b9
+++ b/ldap/servers/slapd/result.c
b045b9
@@ -1340,7 +1340,7 @@ send_specific_attrs(Slapi_Entry *e, char **attrs, Slapi_Operation *op, Slapi_PBl
b045b9
         attrs = attrs_ext;
b045b9
     }
b045b9
 
b045b9
-    for (i = 0; attrs && attrs[i] != NULL; i++) {
b045b9
+    for (i = 0; my_searchattrs && attrs && attrs[i] != NULL; i++) {
b045b9
         char *current_type_name = attrs[i];
b045b9
         Slapi_ValueSet **values = NULL;
b045b9
         int attr_free_flags = 0;
b045b9
diff --git a/ldap/servers/slapd/saslbind.c b/ldap/servers/slapd/saslbind.c
b045b9
index 67da97148..0907c623f 100644
b045b9
--- a/ldap/servers/slapd/saslbind.c
b045b9
+++ b/ldap/servers/slapd/saslbind.c
b045b9
@@ -884,6 +884,11 @@ ids_sasl_check_bind(Slapi_PBlock *pb)
b045b9
     slapi_pblock_get(pb, SLAPI_CONNECTION, &pb_conn);
b045b9
     PR_ASSERT(pb_conn);
b045b9
 
b045b9
+    if (pb_conn == NULL){
b045b9
+        slapi_log_err(SLAPI_LOG_ERR, "ids_sasl_check_bind", "pb_conn is NULL\n");
b045b9
+        return;
b045b9
+    }
b045b9
+
b045b9
     PR_EnterMonitor(pb_conn->c_mutex); /* BIG LOCK */
b045b9
     continuing = pb_conn->c_flags & CONN_FLAG_SASL_CONTINUE;
b045b9
     pb_conn->c_flags &= ~CONN_FLAG_SASL_CONTINUE; /* reset flag */
b045b9
diff --git a/ldap/servers/slapd/task.c b/ldap/servers/slapd/task.c
b045b9
index 002083c04..4bd8895ff 100644
b045b9
--- a/ldap/servers/slapd/task.c
b045b9
+++ b/ldap/servers/slapd/task.c
b045b9
@@ -2335,8 +2335,9 @@ task_fixup_tombstone_thread(void *arg)
b045b9
     Slapi_Task *task = task_data->task;
b045b9
     char **base = task_data->base;
b045b9
     char *filter = NULL;
b045b9
-    int fixup_count = 0;
b045b9
-    int rc, i, j;
b045b9
+    int32_t fixup_count = 0;
b045b9
+    int32_t rc = 0;
b045b9
+    int32_t i, j;
b045b9
 
b045b9
     if (!task) {
b045b9
         return; /* no task */
b045b9
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c
b045b9
index a0f3268da..a72de9b07 100644
b045b9
--- a/ldap/servers/slapd/util.c
b045b9
+++ b/ldap/servers/slapd/util.c
b045b9
@@ -746,8 +746,9 @@ normalize_mods2bvals(const LDAPMod **mods)
b045b9
             struct berval **mbvp = NULL;
b045b9
 
b045b9
             for (mbvp = mods[w]->mod_bvalues,
b045b9
-                normmbvp = normalized_mods[w]->mod_bvalues;
b045b9
-                 mbvp && *mbvp; mbvp++, normmbvp++) {
b045b9
+                 normmbvp = normalized_mods[w]->mod_bvalues;
b045b9
+                 normmbvp && mbvp && *mbvp; mbvp++, normmbvp++)
b045b9
+            {
b045b9
                 if (is_dn_syntax) {
b045b9
                     Slapi_DN *sdn = slapi_sdn_new_dn_byref((*mbvp)->bv_val);
b045b9
                     if (slapi_sdn_get_dn(sdn)) {
b045b9
@@ -769,8 +770,9 @@ normalize_mods2bvals(const LDAPMod **mods)
b045b9
             char **mvp = NULL;
b045b9
 
b045b9
             for (mvp = mods[w]->mod_values,
b045b9
-                normmbvp = normalized_mods[w]->mod_bvalues;
b045b9
-                 mvp && *mvp; mvp++, normmbvp++) {
b045b9
+                 normmbvp = normalized_mods[w]->mod_bvalues;
b045b9
+                 normmbvp && mvp && *mvp; mvp++, normmbvp++)
b045b9
+            {
b045b9
                 vlen = strlen(*mvp);
b045b9
 
b045b9
                 *normmbvp =
b045b9
@@ -801,7 +803,7 @@ normalize_mods2bvals(const LDAPMod **mods)
b045b9
         PR_ASSERT(normmbvp - normalized_mods[w]->mod_bvalues <= num_values);
b045b9
 
b045b9
         /* don't forget to null terminate it */
b045b9
-        if (num_values > 0) {
b045b9
+        if (num_values > 0 && normmbvp) {
b045b9
             *normmbvp = NULL;
b045b9
         }
b045b9
     }
b045b9
diff --git a/ldap/servers/slapd/valueset.c b/ldap/servers/slapd/valueset.c
b045b9
index 14ebc48e6..2af3ee18d 100644
b045b9
--- a/ldap/servers/slapd/valueset.c
b045b9
+++ b/ldap/servers/slapd/valueset.c
b045b9
@@ -121,7 +121,9 @@ valuearray_add_valuearray_fast(Slapi_Value ***vals,
b045b9
             j++;
b045b9
         }
b045b9
     }
b045b9
-    (*vals)[nvals + j] = NULL;
b045b9
+    if (*vals) {
b045b9
+        (*vals)[nvals + j] = NULL;
b045b9
+    }
b045b9
 }
b045b9
 
b045b9
 void
b045b9
@@ -1138,7 +1140,7 @@ slapi_valueset_add_attr_valuearray_ext(const Slapi_Attr *a, Slapi_ValueSet *vs,
b045b9
     }
b045b9
 
b045b9
     for (size_t i = 0; i < naddvals; i++) {
b045b9
-        if (addvals[i] != NULL) {
b045b9
+        if (addvals[i] != NULL && vs->va) {
b045b9
             if (passin) {
b045b9
                 /* We consume the values */
b045b9
                 (vs->va)[vs->num] = addvals[i];
b045b9
@@ -1166,7 +1168,9 @@ slapi_valueset_add_attr_valuearray_ext(const Slapi_Attr *a, Slapi_ValueSet *vs,
b045b9
             }
b045b9
         }
b045b9
     }
b045b9
-    (vs->va)[vs->num] = NULL;
b045b9
+    if (vs->va){
b045b9
+        (vs->va)[vs->num] = NULL;
b045b9
+    }
b045b9
 
b045b9
     PR_ASSERT((vs->sorted == NULL) || (vs->num < VALUESET_ARRAY_SORT_THRESHOLD) || ((vs->num >= VALUESET_ARRAY_SORT_THRESHOLD) && (vs->sorted[0] < vs->num)));
b045b9
     return (rc);
b045b9
diff --git a/ldap/servers/slapd/vattr.c b/ldap/servers/slapd/vattr.c
b045b9
index 13e527188..f7c473ab1 100644
b045b9
--- a/ldap/servers/slapd/vattr.c
b045b9
+++ b/ldap/servers/slapd/vattr.c
b045b9
@@ -316,13 +316,19 @@ vattr_context_check(vattr_context *c)
b045b9
 static void
b045b9
 vattr_context_mark(vattr_context *c)
b045b9
 {
b045b9
-    c->vattr_context_loop_count += 1;
b045b9
+    if (c) {
b045b9
+        c->vattr_context_loop_count += 1;
b045b9
+    }
b045b9
 }
b045b9
 
b045b9
 static int
b045b9
 vattr_context_unmark(vattr_context *c)
b045b9
 {
b045b9
-    return (c->vattr_context_loop_count -= 1);
b045b9
+    if (c) {
b045b9
+        return (c->vattr_context_loop_count -= 1);
b045b9
+    } else {
b045b9
+        return 0;
b045b9
+    }
b045b9
 }
b045b9
 
b045b9
 /* modify the context structure on exit from a vattr sp function */
b045b9
@@ -385,13 +391,19 @@ vattr_context_grok(vattr_context **c)
b045b9
 static void
b045b9
 vattr_context_set_loop_msg_displayed(vattr_context **c)
b045b9
 {
b045b9
-    (*c)->error_displayed = 1;
b045b9
+    if (c && *c){
b045b9
+        (*c)->error_displayed = 1;
b045b9
+    }
b045b9
 }
b045b9
 
b045b9
 static int
b045b9
 vattr_context_is_loop_msg_displayed(vattr_context **c)
b045b9
 {
b045b9
-    return (*c)->error_displayed;
b045b9
+    if (c && *c){
b045b9
+        return (*c)->error_displayed;
b045b9
+    } else {
b045b9
+        return 0;
b045b9
+    }
b045b9
 }
b045b9
 
b045b9
 /*
b045b9
diff --git a/ldap/servers/snmp/main.c b/ldap/servers/snmp/main.c
b045b9
index 5bd318df4..95cc26148 100644
b045b9
--- a/ldap/servers/snmp/main.c
b045b9
+++ b/ldap/servers/snmp/main.c
b045b9
@@ -21,6 +21,7 @@
b045b9
 #include "ldap.h"
b045b9
 #include "ldif.h"
b045b9
 #include <ctype.h>
b045b9
+#include <limits.h>
b045b9
 #include <errno.h>
b045b9
 
b045b9
 static char *agentx_master = NULL;
b045b9
@@ -56,16 +57,22 @@ main(int argc, char *argv[])
b045b9
         char *s = getenv("DEBUG_SLEEP");
b045b9
         if ((s != NULL) && isdigit(*s)) {
b045b9
             char *endp = NULL;
b045b9
-            long secs;
b045b9
+            int64_t secs;
b045b9
             errno = 0;
b045b9
 
b045b9
-            printf("%s pid is %d\n", argv[0], getpid());
b045b9
             secs = strtol(s, &endp, 10);
b045b9
-            if (*endp != '\0' || errno == ERANGE) {
b045b9
-                sleep(10);
b045b9
-            } else {
b045b9
-                sleep(secs);
b045b9
+            if ( endp == s ||
b045b9
+                 *endp != '\0' ||
b045b9
+                 ((secs == LONG_MIN || secs == LONG_MAX) && errno == ERANGE) ||
b045b9
+                 secs < 1 )
b045b9
+            {
b045b9
+                /* Invalid value, default to 30 seconds */
b045b9
+                secs = 30;
b045b9
+            } else if (secs > 3600) {
b045b9
+                secs = 3600;
b045b9
             }
b045b9
+            printf("%s pid is %d - sleeping for %ld\n", argv[0], getpid(), secs);
b045b9
+            sleep(secs);
b045b9
         }
b045b9
     }
b045b9
 
b045b9
-- 
b045b9
2.13.6
b045b9