From 5f89494625af13a9e23a620d973eb11120495ab3 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Mon, 7 Oct 2013 09:57:47 -0400 Subject: [PATCH 33/39] Ticket 47517 - memory leak in range searches and other various leaks Bug Description: Range searches leak memory Fix Description: Free the db key, if the key changed between calls to c_get. Also fixed a leak when doing a delete operation(retrieving the parent id), and fixed a leak in replication incremental protocol when getting the hostname control. https://fedorahosted.org/389/ticket/47517 Reviewed by: nhosoi & richm(Thanks!) (cherry picked from commit b737882146e709aa75771168ffd9db63af23e005) (cherry picked from commit 98dd62e4a9ed6696a3becfda3ccb456de587601f) --- ldap/servers/slapd/back-ldbm/idl_new.c | 16 +++++++++++++++- ldap/servers/slapd/back-ldbm/index.c | 2 -- ldap/servers/slapd/back-ldbm/ldbm_delete.c | 1 + ldap/servers/slapd/ldaputil.c | 3 ++- 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/ldap/servers/slapd/back-ldbm/idl_new.c b/ldap/servers/slapd/back-ldbm/idl_new.c index 50ad5cb..f0410f9 100644 --- a/ldap/servers/slapd/back-ldbm/idl_new.c +++ b/ldap/servers/slapd/back-ldbm/idl_new.c @@ -576,6 +576,11 @@ idl_new_range_fetch( } #endif ret = cursor->c_get(cursor, &cur_key, &data, DB_NEXT_DUP|DB_MULTIPLE); + if (saved_key != cur_key.data) { + /* key was allocated in c_get */ + slapi_ch_free(&saved_key); + saved_key = cur_key.data; + } if (ret) { if (upperkey && upperkey->data && DBT_EQ(&cur_key, upperkey)) { /* this is the last key */ @@ -583,6 +588,11 @@ idl_new_range_fetch( } /* First set the cursor (DB_NEXT_NODUP does not take DB_MULTIPLE) */ ret = cursor->c_get(cursor, &cur_key, &data, DB_NEXT_NODUP); + if (saved_key != cur_key.data) { + /* key was allocated in c_get */ + slapi_ch_free(&saved_key); + saved_key = cur_key.data; + } if (ret) { break; } @@ -633,13 +643,17 @@ idl_new_range_fetch( } } ret = cursor->c_get(cursor,&cur_key,&data,DB_NEXT_DUP); + if (saved_key != cur_key.data) { + /* key was allocated in c_get */ + slapi_ch_free(&saved_key); + saved_key = cur_key.data; + } count++; if (ret) { if (upperkey && upperkey->data && DBT_EQ(&cur_key, upperkey)) { /* this is the last key */ break; } - DBT_FREE_PAYLOAD(cur_key); ret = cursor->c_get(cursor, &cur_key, &data, DB_NEXT_NODUP); if (saved_key != cur_key.data) { /* key was allocated in c_get */ diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c index f4de2fa..1504fa8 100644 --- a/ldap/servers/slapd/back-ldbm/index.c +++ b/ldap/servers/slapd/back-ldbm/index.c @@ -1401,8 +1401,6 @@ index_range_read_ext( type, prefix, *err ); } } else if (DBTcmp (&upperkey, &cur_key, ai->ai_key_cmp_fn) > 0) { - tmpbuf = slapi_ch_realloc (tmpbuf, cur_key.dsize); - memcpy (tmpbuf, cur_key.dptr, cur_key.dsize); DBT_FREE_PAYLOAD(upperkey); upperkey.dptr = NULL; /* x >= a :no need to check upper bound */ upperkey.dsize = 0; diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c index c174c18..6725123 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c @@ -457,6 +457,7 @@ ldbm_back_delete( Slapi_PBlock *pb ) * and numsubordinate count could get confused. */ ID pid = (ID)strtol(pid_str, (char **)NULL, 10); + slapi_ch_free_string(&pid_str); parent = id2entry(be, pid ,NULL, &retval); if (parent && cache_lock_entry(&inst->inst_cache, parent)) { /* Failed to obtain parent entry's entry lock */ diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c index e56c392..edc8267 100644 --- a/ldap/servers/slapd/ldaputil.c +++ b/ldap/servers/slapd/ldaputil.c @@ -1096,6 +1096,7 @@ slapi_ldap_bind( if (ptr) { copy = slapi_ch_strdup(myhostname); *(copy + (ptr - myhostname)) = '\0'; + slapi_ch_free_string(&myhostname); myhostname = copy; } } @@ -1119,7 +1120,7 @@ slapi_ldap_bind( myerrno ? myerrno : gaierr, myerrno ? slapd_system_strerror(myerrno) : gai_strerror(gaierr), myhostname ? myhostname : "unknown host"); - slapi_ch_free_string(©); + slapi_ch_free_string(&myhostname); goto done; } -- 1.7.1