diff options
author | Steven Danneman <sdanneman@sd-ubuntu.(none)> | 2008-04-25 18:34:46 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2008-04-26 08:11:20 -0700 |
commit | 778a5414b1148ea767020b5330b076fed666694f (patch) | |
tree | d889aeb242d3326782b01f4954d337bc801e6eed /source3/include | |
parent | 17ade782b9037500c282555e5a2612a863af58d8 (diff) | |
download | samba-778a5414b1148ea767020b5330b076fed666694f.tar.gz samba-778a5414b1148ea767020b5330b076fed666694f.tar.bz2 samba-778a5414b1148ea767020b5330b076fed666694f.zip |
Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s of entries
The ads_do_search_all_args() function attempts to string together several
LDAPMessage structures, returned across several paged ldap requests, into a
single LDAPMessage structure. It does this by pulling entries off the second
LDAPMessage structure and appending them to the first via the OpenLDAP specific
ldap_add_result_entry() call.
The problem with this approach is it skips non-entry messages such as the
result, and controls. These messages are leaked.
The short term solution as suggested by Volker is to replace the ads_*_entry()
calls with ads_*_message() calls so we don't leak any messages.
This fixes the leak but doesn't remove the dependence on the OpenLDAP specific
implementation of ldap_add_result_entry().
(This used to be commit f1a5405409c396df394611e2a234522572d2860a)
Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/ads_protos.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h index 738df3ed40..a372010b79 100644 --- a/source3/include/ads_protos.h +++ b/source3/include/ads_protos.h @@ -89,6 +89,8 @@ ADS_STATUS ads_search_retry_sid(ADS_STRUCT *ads, LDAPMessage **res, LDAPMessage *ads_first_entry(ADS_STRUCT *ads, LDAPMessage *res); LDAPMessage *ads_next_entry(ADS_STRUCT *ads, LDAPMessage *res); +LDAPMessage *ads_first_message(ADS_STRUCT *ads, LDAPMessage *res); +LDAPMessage *ads_next_message(ADS_STRUCT *ads, LDAPMessage *res); void ads_process_results(ADS_STRUCT *ads, LDAPMessage *res, bool (*fn)(ADS_STRUCT *,char *, void **, void *), void *data_area); |