Bug 1086903

Summary: mem leak in do_search - rawbase not freed upon certain errors
Product: Red Hat Enterprise Linux 6 Reporter: Noriko Hosoi <nhosoi>
Component: 389-ds-baseAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Sankar Ramalingam <sramling>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.6CC: jgalipea, mkubik, nhosoi, nkinder, rmeggins
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.11.15-34.el6 Doc Type: Bug Fix
Doc Text:
Cause: If search failed at the early phase, the memory storing the given basedn was not freed. Consequence: The memory for the basedn leaked. Fix: Fixed the leak. Result: The basedn does not leak any more even if the search fails at the early phase.
 Story Points: ---
Clone Of:
: 1086904 (view as bug list) Environment:
Last Closed: 2014-10-14 07:54:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Noriko Hosoi 2014-04-11 19:28:30 UTC 
Description of problem:
If there is some sort of error in do_search - decoding or protocol errors - after the rawbase variable is allocated but before it is assigned to SLAPI_ORIGINAL_TARGET_DN in pb, the cleanup code will get the NULL variable from the pb and free it, leaking rawbase.
Comment 2 Milan KubĂ­k 2014-06-19 09:49:00 UTC 
Hi,
how do we verify this? Will be an acceptance/sanity run enough?

Thanks,
Milan
Comment 3 Noriko Hosoi 2014-06-19 16:45:17 UTC 
Well, ideally...

Start DS via valgrind.
(Probably, before starting you could prepare the server for the case 2 and 3)

Try following failure case searches.
1. search with invalid base dn
2. Configure the server to prohibit anonymous search.
   Then search anonymously.
3. Configure the server with high minimum SSF.
   Then search with simple auth.

Stop the server and check the valgrind output.
If it does not contain a memleak report having do_search in it, the fix is verified.
Comment 5 errata-xmlrpc 2014-10-14 07:54:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1385.html