Blob Blame Raw
From d30caf438689760dd4fce8dc914070daae47de72 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Mon, 13 Jan 2014 11:03:46 -0800
Subject: [PATCH 79/83] Ticket #47660 - config_set_allowed_to_delete_attrs:
 Valgrind reports Invalid read

Description: There was a logic error in checking the availability of
a pointer.  Before checking the contents of an address, the correctness
of the pointer needed to be checked.

Also, one memory leak was found in the error return case.

Note: these 2 issues were introduece by this commit:
commit 94b123780b21e503b78bceca9d60904206ef91fa
Trac Ticket #447 - Possible to add invalid attribute to nsslapd-allowed-to-delete-attrs

https://fedorahosted.org/389/ticket/47660

Reviewed by rmeggins@redhat.com (Thank you, Rich!)
(cherry picked from commit 1a788bf35a138d221f2bfb88d6da5fc5244d738c)
(cherry picked from commit 22c24f0d133cfcfc9f7457a84282d223ea3f6e25)
(cherry picked from commit 4aa849fa0a32d90e7d88574f35e1e17fbaf1034f)
---
 ldap/servers/slapd/libglobs.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 6df225d..bcf7db4 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -6704,7 +6704,7 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
         int needcopy = 0;
         allowed = slapi_str2charray_ext(vcopy, " ", 0);
         for (s = allowed; s && *s; s++) ;
-        for (--s; s && *s && (s >= allowed); s--) {
+        for (--s; s && (s >= allowed) && *s; s--) {
             cgas = (struct config_get_and_set *)PL_HashTableLookup(confighash,
                                                                    *s);
             if (!cgas && PL_strcasecmp(*s, "aci") /* aci is an exception */) {
@@ -6725,6 +6725,7 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
                 slapi_log_error(SLAPI_LOG_FATAL, "config",
                         "%s: Given attributes are all invalid.  No effects.\n",
                         CONFIG_ALLOWED_TO_DELETE_ATTRIBUTE);
+                slapi_ch_array_free(allowed);
                 return LDAP_NO_SUCH_ATTRIBUTE;
             } else {
                 for (s = allowed, d = vcopy; s && *s; s++) {
-- 
1.8.1.4