--_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_
Content-Type: text/plain; charset="iso-2022-jp"
Content-Transfer-Encoding: quoted-printable
Dear Howard-san,
I appreciate your many valuable advices.
>Never use calloc/malloc/free directly in slapd code. Always use ch_calloc/=
ch_malloc/ch_free.
>
>In this particular case, there's no reason to allocate at all. Just define=
"struct crypt_data data" as a local variable.
You are right. There is no need to allocate memory for "data" because using=
a local variable is also thread-safe in this case.
>Also there's no reason to lock the passwd_mutex at all. That would complet=
ely defeat the purpose of using crypt_r() in the first place.
I decide to use passwd_mutex only for ber_strdup(), which seems to be non =
thread-safe according to ./libraries/liblber/memory.c.
I created two patches for passwd.c.
Both patches uses "data" as a local variable. =20
"case1" uses passwd_mutex for ber_strdup(), "case2" dose not so.
For the time being , I am going to use "case1" due to the aforementioned th=
read-safe concern about ber_strdup().
Best Regards,
************************************************
Yoshinori Nishino
NEC Solution Innovators, Ltd.
1-18-7 Shinkiba, Koto-ku, Tokyo, 136-8627 Japan
E-MAIL: yos-nishino(a)ys.jp.nec.com
************************************************
--_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_
Content-Type: application/octet-stream;
name="openldap-slapd_crypt_case1.patch"
Content-Description: openldap-slapd_crypt_case1.patch
Content-Disposition: attachment;
filename="openldap-slapd_crypt_case1.patch"; size=1345;
creation-date="Sun, 03 Sep 2017 01:05:32 GMT";
modification-date="Sun, 03 Sep 2017 01:08:20 GMT"
Content-Transfer-Encoding: base64
bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp
ZmYgLS1naXQgYS9wYXNzd2QuYy4gYi9wYXNzd2QuYwppbmRleCBkZmEzNzBjLi5hYzA3ZGQyIDEw
MDY0NAotLS0gYS9wYXNzd2QuYworKysgYi9wYXNzd2QuYwpAQCAtMjMsOCArMjMsMTEgQEAKICNp
bmNsdWRlIDxhYy91bmlzdGQuaD4KIAogI2lmZGVmIFNMQVBEX0NSWVBUCisjaWZkZWYgSEFWRV9D
UllQVF9SCisjZGVmaW5lIF9fVVNFX0dOVQorI2VuZGlmIC8qIEhBVkVfQ1JZUFRfUiAqLwogI2lu
Y2x1ZGUgPGFjL2NyeXB0Lmg+Ci0jZW5kaWYKKyNlbmRpZiAvKiBTTEFQRF9DUllQVCAqLwogCiAj
aW5jbHVkZSAic2xhcC5oIgogCkBAIC01OTAsNiArNTkzLDMxIEBAIHNsYXBfcGFzc3dkX2hhc2go
CiBzdGF0aWMgbGRhcF9wdnRfdGhyZWFkX211dGV4X3QgcGFzc3dkX211dGV4Owogc3RhdGljIGx1
dGlsX2NyeXB0ZnVuYyBzbGFwZF9jcnlwdDsKIAorI2lmZGVmIEhBVkVfQ1JZUFRfUgorc3RhdGlj
IGludCBzbGFwZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFy
ICoqaGFzaCApCit7CisJY2hhciAqY3I7CisJaW50IHJjOworCXN0cnVjdCBjcnlwdF9kYXRhIGRh
dGE7CisgICAgCisJZGF0YS5pbml0aWFsaXplZCA9IDA7CisJY3IgPSBjcnlwdF9yKCBrZXksIHNh
bHQsICZkYXRhICk7CisJaWYgKCBjciA9PSBOVUxMIHx8IGNyWzBdID09ICdcMCcgKSB7CisJCS8q
IHNhbHQgbXVzdCBoYXZlIGJlZW4gaW52YWxpZCAqLworCQlyYyA9IExVVElMX1BBU1NXRF9FUlI7
CisJfSBlbHNlIHsKKwkJaWYgKCBoYXNoICkgeworCQkJKmhhc2ggPSBiZXJfc3RyZHVwKCBjciAp
OworCQkJcmMgPSBMVVRJTF9QQVNTV0RfT0s7CisJCX0gZWxzZSB7CisJCQlyYyA9IHN0cmNtcCgg
c2FsdCwgY3IgKSA/IExVVElMX1BBU1NXRF9FUlIgOiBMVVRJTF9QQVNTV0RfT0s7CisJCX0KKwl9
CisgCisgICAgZnJlZShkYXRhKTsKKyAgICByZXR1cm4gcmM7Cit9CisjZWxzZQogc3RhdGljIGlu
dCBzbGFwZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoq
aGFzaCApCiB7CiAJY2hhciAqY3I7CkBAIC02MTQsNiArNjQyLDggQEAgc3RhdGljIGludCBzbGFw
ZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCAp
CiAJbGRhcF9wdnRfdGhyZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOwogCXJldHVy
biByYzsKIH0KKyNlbmRpZiAvKiBIQVZFX0NSWVBUX1IgKi8KKwogI2VuZGlmIC8qIFNMQVBEX0NS
WVBUICovCiAKIHZvaWQgc2xhcF9wYXNzd2RfaW5pdCgpCg==
--_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_
Content-Type: application/octet-stream;
name="openldap-slapd_crypt_case2.patch"
Content-Description: openldap-slapd_crypt_case2.patch
Content-Disposition: attachment;
filename="openldap-slapd_crypt_case2.patch"; size=1444;
creation-date="Sun, 03 Sep 2017 01:05:35 GMT";
modification-date="Sun, 03 Sep 2017 01:08:20 GMT"
Content-Transfer-Encoding: base64
bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp
ZmYgLS1naXQgYS9wYXNzd2QuYyBiL3Bhc3N3ZC5jCmluZGV4IGRmYTM3MGMuLjM1ZDg3ZTUgMTAw
NjQ0Ci0tLSBhL3Bhc3N3ZC5jCisrKyBiL3Bhc3N3ZC5jCkBAIC0yMyw4ICsyMywxMSBAQAogI2lu
Y2x1ZGUgPGFjL3VuaXN0ZC5oPgogCiAjaWZkZWYgU0xBUERfQ1JZUFQKKyNpZmRlZiBIQVZFX0NS
WVBUX1IKKyNkZWZpbmUgX19VU0VfR05VCisjZW5kaWYgLyogSEFWRV9DUllQVF9SICovCiAjaW5j
bHVkZSA8YWMvY3J5cHQuaD4KLSNlbmRpZgorI2VuZGlmIC8qIFNMQVBEX0NSWVBUICovCiAKICNp
bmNsdWRlICJzbGFwLmgiCiAKQEAgLTU5MCw2ICs1OTMsMzMgQEAgc2xhcF9wYXNzd2RfaGFzaCgK
IHN0YXRpYyBsZGFwX3B2dF90aHJlYWRfbXV0ZXhfdCBwYXNzd2RfbXV0ZXg7CiBzdGF0aWMgbHV0
aWxfY3J5cHRmdW5jIHNsYXBkX2NyeXB0OwogCisjaWZkZWYgSEFWRV9DUllQVF9SCitzdGF0aWMg
aW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXksIGNvbnN0IGNoYXIgKnNhbHQsIGNoYXIg
KipoYXNoICkKK3sKKwljaGFyICpjcjsKKwlpbnQgcmM7CisJc3RydWN0IGNyeXB0X2RhdGEgZGF0
YTsKKyAgICAKKwlkYXRhLmluaXRpYWxpemVkID0gMDsKKwljciA9IGNyeXB0X3IoIGtleSwgc2Fs
dCwgJmRhdGEgKTsKKwlpZiAoIGNyID09IE5VTEwgfHwgY3JbMF0gPT0gJ1wwJyApIHsKKwkJLyog
c2FsdCBtdXN0IGhhdmUgYmVlbiBpbnZhbGlkICovCisJCXJjID0gTFVUSUxfUEFTU1dEX0VSUjsK
Kwl9IGVsc2UgeworCQlpZiAoIGhhc2ggKSB7CisJCQlsZGFwX3B2dF90aHJlYWRfbXV0ZXhfbG9j
ayggJnBhc3N3ZF9tdXRleCApOworCQkJKmhhc2ggPSBiZXJfc3RyZHVwKCBjciApOworCQkJbGRh
cF9wdnRfdGhyZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOworCQkJcmMgPSBMVVRJ
TF9QQVNTV0RfT0s7CisJCX0gZWxzZSB7CisJCQlyYyA9IHN0cmNtcCggc2FsdCwgY3IgKSA/IExV
VElMX1BBU1NXRF9FUlIgOiBMVVRJTF9QQVNTV0RfT0s7CisJCX0KKwl9CisgCisgICAgZnJlZShk
YXRhKTsKKyAgICByZXR1cm4gcmM7Cit9CisjZWxzZQogc3RhdGljIGludCBzbGFwZF9jcnlwdCgg
Y29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCApCiB7CiAJY2hh
ciAqY3I7CkBAIC02MTQsNiArNjQ0LDggQEAgc3RhdGljIGludCBzbGFwZF9jcnlwdCggY29uc3Qg
Y2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCApCiAJbGRhcF9wdnRfdGhy
ZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOwogCXJldHVybiByYzsKIH0KKyNlbmRp
ZiAvKiBIQVZFX0NSWVBUX1IgKi8KKwogI2VuZGlmIC8qIFNMQVBEX0NSWVBUICovCiAKIHZvaWQg
c2xhcF9wYXNzd2RfaW5pdCgpCg==
--_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_--