[389-devel] Please review: [389 Project] #603: A logic error in str2simple

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://fedorahosted.org/389/ticket/603

https://fedorahosted.org/389/attachment/ticket/603/0001-Ticket-603-A-logic-error-in-str2simple.patch

Fix description: str2simple sets the strdup'ed type this way:

if ( f->f_choice == LDAP_FILTER_PRESENT ) {

f->f_type = slapi_ch_strdup( str );

} else if ( unescape_filter ) {

f->f_avtype = slapi_ch_strdup( str );

} if ( !unescape_filter ) {

f->f_avtype = slapi_ch_strdup( str );

}

If f_choice is LDAP_FILTER_PRESENT and !unescape_filter is
true, the first strdup'ed string is leaked since f_type
and f_avtype share the same memory. But currently, str2simple
is not called with (unescape_filter == 0). Thus there is no
chance to satisfy the condition. This patch fixes the flaw.


--
389-devel mailing list
389-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-devel
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux