Skip to content

Commit ac4a649

Browse files
rkhapovrkhapov
committed
ldap leaks fixes
Signed-off-by: roman khapov <[email protected]>
1 parent 0790e78 commit ac4a649

File tree

2 files changed

+15
-9
lines changed

2 files changed

+15
-9
lines changed

sources/client.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -132,6 +132,10 @@ static inline od_client_t *od_client_allocate(void)
132132

133133
static inline void od_client_free(od_client_t *client)
134134
{
135+
#ifdef LDAP_FOUND
136+
free(client->ldap_auth_dn);
137+
#endif
138+
135139
od_relay_free(&client->relay);
136140
od_io_free(&client->io);
137141
if (client->io_cond)

sources/ldap.c

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -166,7 +166,7 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
166166

167167
if (serv->endpoint->ldapbasedn) {
168168
// copy pasted from ./src/backend/libpq/auth.c:2635
169-
char *filter;
169+
char *filter = NULL;
170170
LDAPMessage *search_message;
171171
LDAPMessage *entry;
172172
char *attributes[] = { LDAP_NO_ATTRS, NULL };
@@ -186,8 +186,15 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
186186
}
187187

188188
if (serv->endpoint->ldapsearchfilter) {
189-
od_asprintf(&filter, "(&%s%s)", filter,
189+
char *prev_filter = strdup(filter);
190+
free(filter);
191+
if (prev_filter == NULL) {
192+
return NOT_OK_RESPONSE;
193+
}
194+
195+
od_asprintf(&filter, "(&%s%s)", prev_filter,
190196
serv->endpoint->ldapsearchfilter);
197+
free(prev_filter);
191198
}
192199

193200
rc = ldap_search_s(serv->conn, serv->endpoint->ldapbasedn,
@@ -198,10 +205,11 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
198205
"basedn search entries with filter: %s and attrib %s ",
199206
filter, attributes[0]);
200207

208+
free(filter);
209+
201210
if (rc != LDAP_SUCCESS) {
202211
od_error(logger, "auth_ldap", client, NULL,
203212
"basednn search result: %d", rc);
204-
free(filter);
205213
return NOT_OK_RESPONSE;
206214
}
207215

@@ -211,13 +219,10 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
211219
"basedn search entries count: %d", count);
212220

213221
if (count == 0) {
214-
free(filter);
215222
ldap_msgfree(search_message);
216223
return LDAP_INSUFFICIENT_ACCESS;
217-
} else {
218224
}
219225

220-
free(filter);
221226
ldap_msgfree(search_message);
222227
return NOT_OK_RESPONSE;
223228
}
@@ -237,7 +242,6 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
237242
rc = od_ldap_search_storage_credentials(
238243
logger, values, rule, client);
239244
if (rc != OK_RESPONSE) {
240-
free(filter);
241245
ldap_memfree(dn);
242246
ldap_value_free_len(values);
243247
ldap_msgfree(search_message);
@@ -246,7 +250,6 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
246250
} else {
247251
od_debug(logger, "auth_ldap", client, NULL,
248252
"error: empty search results");
249-
free(filter);
250253
ldap_memfree(dn);
251254
ldap_value_free_len(values);
252255
ldap_msgfree(search_message);
@@ -256,7 +259,6 @@ od_retcode_t od_ldap_server_prepare(od_logger_t *logger, od_ldap_server_t *serv,
256259
}
257260
auth_user = strdup(dn);
258261

259-
free(filter);
260262
ldap_memfree(dn);
261263
ldap_msgfree(search_message);
262264

0 commit comments

Comments
 (0)