Bug 663597

What platform are you on?  How do you have memberOf configured?  What operations are being performed when you notice the process growth?

rhel 5.5, x86_64

operations wise it's a little hard to say, nothing unusual, however we certainly have some badly behaved applications which will set attributes to a value that they are already set to (i.e. a fairly pointless operation).

Looking at our install notes we enable four plugins:

attribute uniqueness (enable, arguments are defaults)
arguments 1: uid
arguments 2: dc=ds,dc=example,dc=com

referential integrity postoperation (enable, add argument #8)
arguments 1: 0
arguments 2: /var/log/dirsrv/slapd-ds2/referint
arguments 3: 0
arguments 4: member
arguments 5: uniquemember
arguments 6: owner
arguments 7: seeAlso
arguments 8: manager

Space Insensitive String Syntax (enable)

MemberOf Plugin (enable + change below)
Advanced -> memberofgroupattr: uniqueMember (default is member)

Created attachment 469157 [details]
Patch

blimey that's impressively quick! FYI we'll be moving to redhat directory
server (it's only fair that you get some support money for this after all). 
Many thanks :-)

Pushed to master.  Thanks to Rich for his review!

Counting objects: 13, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 913 bytes, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   f977972..4da627a  master -> master

commit cea436bedbf40c2c29dfb325e2d6266c371cf2a9
Author: Nathan Kinder <nkinder>
Date:   Thu Dec 16 08:02:46 2010 -0800

branch 389-ds-base-1.2.7

This will be fixed in 389-ds-base-1.2.7.5, which should hit the updates-testing repos in the next few days.

Preparation:
1) Downloaded the SRC RPM file and installed it on the local host.
http://download.devel.redhat.com/brewroot/packages/redhat-ds-base/8.2.3/2.el4dsrv/src/redhat-ds-base-8.2.3-2.el4dsrv.src.rpm

2) Checked out the source tree ds.git origin/Directory_Server_8_2_Branch 

Commit comment:
commit 3e170da37a4f8a15b1342430cc2a912bb8b99872
Author: Nathan Kinder <nkinder>
Date:   Thu Dec 16 08:02:46 2010 -0800

    Bug 663597 - Memory leaks in normalization code

    The DN normalization code uses a Slapi_Attr on the stack to avoid
    allocation of the struct.  The contents of the Slapi_Attr are
    never freed.  This patch ensure that the struct is cleared out
    properly.

    There was also a leak in the syntax normalization code where a
    pointer to recently allocated string could get overwritten without
    freeing the string first.  This patch frees the string first.

Committed patch:
diff --git a/ldap/servers/slapd/attrsyntax.c b/ldap/servers/slapd/attrsyntax.c
index ba30871..6d3fe8c 100644
--- a/ldap/servers/slapd/attrsyntax.c
+++ b/ldap/servers/slapd/attrsyntax.c
@@ -469,14 +469,14 @@ char *
 slapi_attr_syntax_normalize( const char *s )
 {
        struct asyntaxinfo *asi = NULL;
-       char *r;
-
+       char *r = NULL;

-    if((asi=attr_syntax_get_by_name(s)) != NULL ) {
+       if((asi=attr_syntax_get_by_name(s)) != NULL ) {
                r = slapi_ch_strdup(asi->asi_name);
                attr_syntax_return( asi );
        }
        if ( NULL == asi ) {
+               slapi_ch_free_string( &r );
                r = attr_syntax_normalize_no_lookup( s );
        }
        return r;
diff --git a/ldap/servers/slapd/dn.c b/ldap/servers/slapd/dn.c
index 227a41e..8e0d0fa 100644
--- a/ldap/servers/slapd/dn.c
+++ b/ldap/servers/slapd/dn.c
@@ -572,6 +572,7 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)

                 slapi_attr_init(&test_attr, typestart);
                 is_dn_syntax = slapi_attr_is_dn_syntax_attr(&test_attr);
+                attr_done(&test_attr);

                 /* Reset the character we modified. */
                 *d = savechar;
@@ -592,6 +593,7 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)

                 slapi_attr_init(&test_attr, typestart);
                 is_dn_syntax = slapi_attr_is_dn_syntax_attr(&test_attr);
+                attr_done(&test_attr);

                 /* Reset the character we modified. */
                 *d = savechar;
@@ -612,6 +614,7 @@ slapi_dn_normalize_ext(char *src, size_t src_len, char **dest, size_t *dest_len)

                 slapi_attr_init(&test_attr, typestart);
                 is_dn_syntax = slapi_attr_is_dn_syntax_attr(&test_attr);
+                attr_done(&test_attr);

                 /* Reset the character we modified. */
                 *d = savechar;

Compare attrsyntax.c from SRC RPM with the one from git.ds -- MATCHED:
# diff rpmbuild/SOURCES/redhat-ds-base-8.2.3/ldap/servers/slapd/attrsyntax.c /export/src/ds82/ldapserver/ldap/servers/slapd/attrsyntax.c
#

Compare dn.c from SRC RPM with the one from git.ds -- MATCHED:
# diff rpmbuild/SOURCES/redhat-ds-base-8.2.3/ldap/servers/slapd/dn.c /export/src/ds82/ldapserver/ldap/servers/slapd/dn.c
#

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0003.html