dovecot-2.2: auth: ldap with auth_bind=yes leaked memory
dovecot at dovecot.org
dovecot at dovecot.org
Wed Dec 11 18:39:52 EET 2013
details: http://hg.dovecot.org/dovecot-2.2/rev/3f7cc2dd6410
changeset: 17056:3f7cc2dd6410
user: Timo Sirainen <tss at iki.fi>
date: Wed Dec 11 18:39:08 2013 +0200
description:
auth: ldap with auth_bind=yes leaked memory
Existing LDAP search request can't just be converted into bind request
before the search request is freed. So just create a new request.
diffstat:
src/auth/passdb-ldap.c | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diffs (35 lines):
diff -r e49f481af55b -r 3f7cc2dd6410 src/auth/passdb-ldap.c
--- a/src/auth/passdb-ldap.c Mon Dec 09 18:41:30 2013 +0200
+++ b/src/auth/passdb-ldap.c Wed Dec 11 18:39:08 2013 +0200
@@ -236,7 +236,7 @@
struct passdb_ldap_request *passdb_ldap_request =
(struct passdb_ldap_request *)ldap_request;
struct auth_request *auth_request = ldap_request->auth_request;
- struct ldap_request_bind *brequest;
+ struct passdb_ldap_request *brequest;
char *dn;
if (res != NULL && ldap_msgtype(res) == LDAP_RES_SEARCH_ENTRY) {
@@ -257,14 +257,16 @@
/* failure */
ldap_bind_lookup_dn_fail(auth_request, passdb_ldap_request, res);
} else {
- /* convert search request to bind request */
- brequest = &passdb_ldap_request->request.bind;
- memset(brequest, 0, sizeof(*brequest));
- brequest->request.type = LDAP_REQUEST_TYPE_BIND;
- brequest->request.auth_request = auth_request;
+ /* create a new bind request */
+ brequest = p_new(auth_request->pool,
+ struct passdb_ldap_request, 1);
brequest->dn = passdb_ldap_request->dn;
+ brequest->callback = passdb_ldap_request->callback;
+ brequest->request.bind.dn = brequest->dn;
+ brequest->request.bind.request.type = LDAP_REQUEST_TYPE_BIND;
+ brequest->request.bind.request.auth_request = auth_request;
- ldap_auth_bind(conn, brequest);
+ ldap_auth_bind(conn, &brequest->request.bind);
}
}
More information about the dovecot-cvs
mailing list