summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-12-18 16:03:57 -0800
committerJeremy Allison <jra@samba.org>2007-12-18 16:03:57 -0800
commit537c4cf9cdb1f76c317c8fbd12068ce1f3fbbf0b (patch)
tree9e680e31981c4aeaccf3f51505b9d77eabc43cf3 /source3/lib
parent1394b91888f4e2f74ebbe462e896e49079d0146d (diff)
downloadsamba-537c4cf9cdb1f76c317c8fbd12068ce1f3fbbf0b.tar.gz
samba-537c4cf9cdb1f76c317c8fbd12068ce1f3fbbf0b.tar.bz2
samba-537c4cf9cdb1f76c317c8fbd12068ce1f3fbbf0b.zip
Fix valgrind error in dbwrap_rbt where rec_priv->node was
being accessed after free. VALOKER PLEASE CHECK THIS VERY CAREFULLY !!!! This is a correct fix in that it fixes the valgrind error, but it looks inelegant to me. I think if I understood this code better I could craft a more subtle fix. Still looking at it.... Jeremy. (This used to be commit 12cce3be2a24fd72106d747890caf6c7f29db43d)
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/dbwrap_rbt.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/source3/lib/dbwrap_rbt.c b/source3/lib/dbwrap_rbt.c
index df568a0410..15d9b67414 100644
--- a/source3/lib/dbwrap_rbt.c
+++ b/source3/lib/dbwrap_rbt.c
@@ -68,6 +68,8 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
TDB_DATA this_key, this_val;
+ bool del_old_keyval = false;
+
if (rec_priv->node != NULL) {
/*
@@ -95,7 +97,7 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
*/
rb_erase(&rec_priv->node->rb_node, &rec_priv->db_ctx->tree);
- SAFE_FREE(rec_priv->node);
+ del_old_keyval = true;
}
node = (struct db_rbt_node *)SMB_MALLOC(
@@ -103,6 +105,9 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ data.dsize);
if (node == NULL) {
+ if (del_old_keyval) {
+ SAFE_FREE(rec_priv->node);
+ }
return NT_STATUS_NO_MEMORY;
}
@@ -152,6 +157,10 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
rb_link_node(&node->rb_node, parent, p);
rb_insert_color(&node->rb_node, &rec_priv->db_ctx->tree);
+ if (del_old_keyval) {
+ SAFE_FREE(rec_priv->node);
+ }
+
return NT_STATUS_OK;
}