+++ This bug was initially created as a clone of Bug #1086903 +++
Description of problem:
If there is some sort of error in do_search - decoding or protocol errors - after the rawbase variable is allocated but before it is assigned to SLAPI_ORIGINAL_TARGET_DN in pb, the cleanup code will get the NULL variable from the pb and free it, leaking rawbase.
see RHEL 6.6 bug for verification steps
Created attachment 978191 [details]
$ rpm -qa | grep 389
CA certificate exported for a client:
$ cat .ldaprc
 Search with invalid base dn
$ ldapsearch -LLL -D "cn=Directory Manager" -w Secret123 -b dc=example,dc=foo -H ldaps://localhost:636
No such object (32)
 Configure the server to prohibit anonymous search. Then search anonymously.
$ ldapsearch -LLL -b dc=example,dc=com -H ldaps://localhost:636
ldap_sasl_interactive_bind_s: Inappropriate authentication (48)
additional info: Anonymous access is not allowed.
 Configure the server with high minimum SSF. Then search with simple auth.
$ ldapsearch -LLL -D "cn=Directory Manager" -w Secret123 -b dc=example,dc=com -H ldap://localhost:389
ldap_bind: Server is unwilling to perform (53)
additional info: Minimum SSF not met.
$ sudo /usr/sbin/stop-dirsrv
Stopping instance "rhel7ds"
$ grep -i do_search /tmp/valgrind-20150109-160503-rhel7ds.out | wc -l
Marking as VERIFIED
Created attachment 978218 [details]
I'm sorry, I was running valgrind without debuginfo package for 389-ds.
I repeated the tests with debuginfo installed. No do_search in the output.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.