https://bugs.openldap.org/show_bug.cgi?id=9198
Bug ID: 9198 Summary: libraries: memory leak in UTF8bvnormalize() Product: OpenLDAP Version: 2.4.49 Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs@openldap.org Reporter: 1259039012@qq.com Target Milestone: ---
https://bugs.openldap.org/show_bug.cgi?id=9198
1259039012@qq.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |1259039012@qq.com
--- Comment #1 from 1259039012@qq.com --- Created attachment 696 --> https://bugs.openldap.org/attachment.cgi?id=696&action=edit This is my fixed code.
The variable 'newbv' of utf8bvnormalize function is not released when the function returns abnormally.
example: if ( !newbv ) { newbv = ber_memalloc_x( sizeof(struct berval), ctx ); if ( !newbv ) return NULL; }
... /* finish off everything up to character before first non-ascii */ if ( LDAP_UTF8_ISASCII( s ) ) { if ( casefold ) { outsize = len + 7; out = (char *) ber_memalloc_x( outsize, ctx ); if ( out == NULL ) { return NULL; //newbv has leak! } ... } ... }
This problem also exists in other return statements in this function.
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #2 from 1259039012@qq.com --- Comment on attachment 696 --> https://bugs.openldap.org/attachment.cgi?id=696 This is my fixed code.
The variable 'newbv' of utf8bvnormalize function is not released when the function returns abnormally.
example: if ( !newbv ) { newbv = ber_memalloc_x( sizeof(struct berval), ctx ); if ( !newbv ) return NULL; }
... /* finish off everything up to character before first non-ascii */ if ( LDAP_UTF8_ISASCII( s ) ) { if ( casefold ) { outsize = len + 7; out = (char *) ber_memalloc_x( outsize, ctx ); if ( out == NULL ) { return NULL; //newbv has leak! } ... } ... }
This problem also exists in other return statements in this function.
https://bugs.openldap.org/show_bug.cgi?id=9198
1259039012@qq.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED
https://bugs.openldap.org/show_bug.cgi?id=9198
Ryan Tandy ryan@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |UNCONFIRMED Resolution|FIXED |---
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #3 from Howard Chu hyc@symas.com --- (In reply to 1259039012 from comment #2)
Comment on attachment 696 [details] This is my fixed code.
Please read and follow https://openldap.org/devel/contributing.html
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #4 from 1259039012@qq.com --- It's fixed by other people in master...
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #5 from 1259039012@qq.com --- Created attachment 697 --> https://bugs.openldap.org/attachment.cgi?id=697&action=edit fixed
fix Bug 9198 - libraries: memory leak in UTF8bvnormalize(); I found this bug in version 2.4.49.
https://bugs.openldap.org/show_bug.cgi?id=9198
1259039012@qq.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |FIXED
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #6 from Ryan Tandy ryan@openldap.org --- OK. So already fixed in master by https://git.openldap.org/openldap/openldap/commit/08f5aca7db1e48ce61c1f49141... which is the same patch you've attached here. So this bug is a request to pull it to the 2.4 branch?
https://bugs.openldap.org/show_bug.cgi?id=9198
--- Comment #7 from 1259039012@qq.com --- (In reply to Ryan Tandy from comment #6)
OK. So already fixed in master by https://git.openldap.org/openldap/openldap/commit/ 08f5aca7db1e48ce61c1f4914157efb64f01a32e#6f9f9654295fee0f3c4c4100a1a20b494937 9099 which is the same patch you've attached here. So this bug is a request to pull it to the 2.4 branch?
Yes, I hope the upcoming version will solve this problem, such as 2.4.50.
https://bugs.openldap.org/show_bug.cgi?id=9198
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |--- Ever confirmed|0 |1 Target Milestone|--- |2.4.50 Status|RESOLVED |CONFIRMED
--- Comment #8 from Quanah Gibson-Mount quanah@openldap.org --- Confirmed for RE24.
https://bugs.openldap.org/show_bug.cgi?id=9198
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@openldap.org |quanah@openldap.org Status|CONFIRMED |IN_PROGRESS
--- Comment #9 from Quanah Gibson-Mount quanah@openldap.org --- https://git.openldap.org/openldap/openldap/-/merge_requests/20
https://bugs.openldap.org/show_bug.cgi?id=9198
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED
--- Comment #10 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • 5f8cd023 by Howard Chu at 2020-04-02T16:46:11+00:00 ITS#9198 - Plug unlikely memleak in liblunicode
https://bugs.openldap.org/show_bug.cgi?id=9198
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org