Closed Bug 10612 Opened 20 years ago Closed 20 years ago

Core dumps when searching

Categories

(Directory :: PerLDAP, defect, P1, critical)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: leif, Assigned: leif)

Details

From: kburns@netscape.com (Kevin L. Burns)

I can't remember if I reported this to you way back when I emailed you after
first looking into PerLDAP.  Whenever I would run a search that looked for an
entry who's parent didn't exist, I'd get bus error.

For example, I've got the following in ldap
l=3, ou=2, o=1.

I search for this:
search("l=5, l=4, l=3, ou=2, o=1", base, "objectclass=*")
using the search in the Conn.pm module.  "l=4, l=3, ou=2, o=1" does not exist.
This will return error 34 to the OO layer, which will cause an if statement to
fail.  This causes a subtle problem.  You do a ldap_msgfree if ldres is defined,
but you do not go on to undefine ldres.  Then, if ldap_search_s returns true (>
0, which ends up false in the if statement), you return $entry which will be
equal to undef.  All this time, you've freed ldres, but left it defined.  If I
do another search, you will try to free it again since it is defined.  The SDK
doesn't do any checking, frees a pointer that is already free and everything
dies.  This problem could manifest itself in other situations then the one I
described above, but I haven't had the time to find them.  Their is a lot of
ways to fix this.  The best IMHO being to make your own msgFree() method like
this:

sub msgFree {
        my $self = shift;

        if(defined($self->{"ldres"})) {
                ldap_msgfree($self->{"ldres"});
                $self->{"ldres"} = undef;
                }
        return;
        }

and call this instead of calling ldap_msgfree directly.  I'd recommend also
calling this subroutine from nextEntry() after you run out of entries
(ldap_next_entry returns null).  That way you will free the data structure
(LDAPMessage) from memory now, instead of waiting until the next search.  This
could be very useful to someone who does a large search early and never does
another search again.
Priority: P3 → P1
This bug was fixed in Conn.pm version 1.19

ldap_msgfree($self->("ldres")) if defined($self->("ldres"));

was changed to:

if (defined($self->{"ldres"}))
  {
    ldap_msgfree($self->{"ldres"}};
    undef $self->{"ldres"};
  }

in all the places in the code.

Leif, please confirm and we can close this bug.

Thanks,

-Kevin
Status: NEW → ASSIGNED
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Fixed.
You need to log in before you can comment on or make changes to this bug.