authorSteven Danneman <sdanneman@sd-ubuntu.(none)>2008-04-25 18:34:46 -0700
committerJeremy Allison <jra@samba.org>2008-04-26 08:11:20 -0700
commit778a5414b1148ea767020b5330b076fed666694f (patch)
treed889aeb242d3326782b01f4954d337bc801e6eed
parent17ade782b9037500c282555e5a2612a863af58d8 (diff)
Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s of entries
The ads_do_search_all_args() function attempts to string together several LDAPMessage structures, returned across several paged ldap requests, into a single LDAPMessage structure. It does this by pulling entries off the second LDAPMessage structure and appending them to the first via the OpenLDAP specific ldap_add_result_entry() call. The problem with this approach is it skips non-entry messages such as the result, and controls. These messages are leaked. The short term solution as suggested by Volker is to replace the ads_*_entry() calls with ads_*_message() calls so we don't leak any messages. This fixes the leak but doesn't remove the dependence on the OpenLDAP specific implementation of ldap_add_result_entry(). (This used to be commit f1a5405409c396df394611e2a234522572d2860a)
-rw-r--r--source3/include/ads_protos.h2
-rw-r--r--source3/libads/ldap.c26
2 files changed, 26 insertions, 2 deletions
diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h
index 738df3ed40..a372010b79 100644
--- a/source3/include/ads_protos.h
+++ b/source3/include/ads_protos.h
@@ -89,6 +89,8 @@ ADS_STATUS ads_search_retry_sid(ADS_STRUCT *ads, LDAPMessage **res,
LDAPMessage *ads_first_entry(ADS_STRUCT *ads, LDAPMessage *res);
LDAPMessage *ads_next_entry(ADS_STRUCT *ads, LDAPMessage *res);
+LDAPMessage *ads_first_message(ADS_STRUCT *ads, LDAPMessage *res);
+LDAPMessage *ads_next_message(ADS_STRUCT *ads, LDAPMessage *res);
void ads_process_results(ADS_STRUCT *ads, LDAPMessage *res,
bool (*fn)(ADS_STRUCT *,char *, void **, void *),
void *data_area);
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index b0f27b598b..9321302151 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -870,8 +870,8 @@ static ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
/* this relies on the way that ldap_add_result_entry() works internally. I hope
that this works on all ldap libs, but I have only tested with openldap */
- for (msg = ads_first_entry(ads, res2); msg; msg = next) {
- next = ads_next_entry(ads, msg);
+ for (msg = ads_first_message(ads, res2); msg; msg = next) {
+ next = ads_next_message(ads, msg);
ldap_add_result_entry((LDAPMessage **)res, msg);
}
/* note that we do not free res2, as the memory is now
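Review bot: The comment above the loop still describes only the reliance on ldap_add_result_entry() internals and does not say that the loop now moves every message, not just entries, onto `res`. Because the comment that follows says res2 is deliberately not freed, the combined chain is now the only owner of the result and control messages too, and a later switch back to the entry iterators would silently reintroduce the per-page leak. I would extend the comment with something like `/* walk all messages, not only entries: anything left on res2 is never freed */`. It may also be worth confirming that callers which parse the merged `res` tolerate several search-result messages in one chain; that is not visible here. The enclosing function starts and ends outside the hunk.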
@@ -2091,6 +2091,28 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
}
/**
+ * pull the first message from a ADS result
+ * @param ads connection to ads server
+ * @param res Results of search
+ * @return first message from result
+ **/
+ LDAPMessage *ads_first_message(ADS_STRUCT *ads, LDAPMessage *res)
+{
+ return ldap_first_message(ads->ldap.ld, res);
+}
+
+/**
+ * pull the next message from a ADS result
+ * @param ads connection to ads server
+ * @param res Results of search
+ * @return next message from result
+ **/
+ LDAPMessage *ads_next_message(ADS_STRUCT *ads, LDAPMessage *res)
+{
+ return ldap_next_message(ads->ldap.ld, res);
+}
+
+/**
* pull a single string from a ADS result
* @param ads connection to ads server
* @param mem_ctx TALLOC_CTX to use for allocating result string
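Review bot: The doc comment on ads_next_message() describes `res` as "Results of search", but the paged-search loop passes the current message (`ads_next_message(ads, msg)`), so the parameter is really the message returned by the previous ads_first_message()/ads_next_message() call. I would reword it to `@param res message returned by a previous ads_first_message() or ads_next_message() call` and have `@return` state that NULL marks the end of the chain, since the caller's loop terminates on it. Both wrappers dereference `ads->ldap.ld` unchecked; presumably that matches the existing ads_*_entry() helpers, but a line stating that `ads` must be a connected handle would make the precondition explicit.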