Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 29794 invoked from network); 14 Apr 2004 14:42:23 -0000 Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12) by minotaur-2.apache.org with SMTP; 14 Apr 2004 14:42:23 -0000 Received: (qmail 81417 invoked by uid 500); 14 Apr 2004 14:41:25 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 81349 invoked by uid 500); 14 Apr 2004 14:41:24 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 81302 invoked by uid 500); 14 Apr 2004 14:41:24 -0000 Delivered-To: apmail-httpd-2.0-cvs@apache.org Received: (qmail 81282 invoked from network); 14 Apr 2004 14:41:24 -0000 Received: from unknown (HELO minotaur.apache.org) (209.237.227.194) by daedalus.apache.org with SMTP; 14 Apr 2004 14:41:24 -0000 Received: (qmail 28990 invoked by uid 1285); 14 Apr 2004 14:41:28 -0000 Date: 14 Apr 2004 14:41:28 -0000 Message-ID: <20040414144128.28988.qmail@minotaur.apache.org> From: bnicholes@apache.org To: httpd-2.0-cvs@apache.org Subject: cvs commit: httpd-2.0/modules/experimental util_ldap.c X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N bnicholes 2004/04/14 07:41:28 Modified: modules/experimental util_ldap.c Log: Don't repeatedly allocate the binddn and bindpw from the st->pool (pconf pool) in order to avoid uncontrolled memory allocations. Revision Changes Path 1.24 +59 -34 httpd-2.0/modules/experimental/util_ldap.c Index: util_ldap.c =================================================================== RCS file: /home/cvs/httpd-2.0/modules/experimental/util_ldap.c,v retrieving revision 1.23 retrieving revision 1.24 diff -u -r1.23 -r1.24 --- util_ldap.c 2 Apr 2004 23:17:29 -0000 1.23 +++ util_ldap.c 14 Apr 2004 14:41:28 -0000 1.24 @@ -88,6 +88,20 @@ "\"http://www.w3.org/TR/REC-html40/frameset.dtd\">\n" #endif + +static void util_ldap_strdup (char *str, const char *newstr) +{ + if (str) { + free(str); + str = NULL; + } + + if (newstr) { + str = calloc(1, strlen(newstr)+1); + strcpy (str, newstr); + } +} + /* * Status Handler * -------------- @@ -179,25 +193,36 @@ { util_ldap_connection_t *ldc = param; - /* unbinding from the LDAP server */ - if (ldc->ldap) { - ldap_unbind_s(ldc->ldap); - ldc->bound = 0; - ldc->ldap = NULL; - } + if (ldc) { + + /* unbinding from the LDAP server */ + if (ldc->ldap) { + ldap_unbind_s(ldc->ldap); + ldc->bound = 0; + ldc->ldap = NULL; + } + + if (ldc->bindpw) { + free((void*)ldc->bindpw); + } + + if (ldc->binddn) { + free((void*)ldc->binddn); + } - /* release the lock we were using. The lock should have - already been released in the close connection call. - But just in case it wasn't, we first try to get the lock - before unlocking it to avoid unlocking an unheld lock. - Unlocking an unheld lock causes problems on NetWare. The - other option would be to assume that close connection did - its job. */ + /* release the lock we were using. The lock should have + already been released in the close connection call. + But just in case it wasn't, we first try to get the lock + before unlocking it to avoid unlocking an unheld lock. + Unlocking an unheld lock causes problems on NetWare. The + other option would be to assume that close connection did + its job. */ #if APR_HAS_THREADS - apr_thread_mutex_trylock(ldc->lock); - apr_thread_mutex_unlock(ldc->lock); + apr_thread_mutex_trylock(ldc->lock); + apr_thread_mutex_unlock(ldc->lock); #endif + } return APR_SUCCESS; } @@ -290,11 +315,6 @@ /* always default to LDAP V3 */ ldap_set_option(ldc->ldap, LDAP_OPT_PROTOCOL_VERSION, &version); - - /* add the cleanup to the pool */ - apr_pool_cleanup_register(ldc->pool, ldc, - util_ldap_connection_destroy, - apr_pool_cleanup_null); } @@ -395,8 +415,8 @@ /* the bind credentials have changed */ l->bound = 0; - l->binddn = apr_pstrdup(st->pool, binddn); - l->bindpw = apr_pstrdup(st->pool, bindpw); + util_ldap_strdup((char*)l->binddn, binddn); + util_ldap_strdup((char*)l->bindpw, bindpw); break; } #if APR_HAS_THREADS @@ -434,10 +454,15 @@ l->host = apr_pstrdup(st->pool, host); l->port = port; l->deref = deref; - l->binddn = apr_pstrdup(st->pool, binddn); - l->bindpw = apr_pstrdup(st->pool, bindpw); + util_ldap_strdup((char*)l->binddn, binddn); + util_ldap_strdup((char*)l->bindpw, bindpw); l->secure = secure; + /* add the cleanup to the pool */ + apr_pool_cleanup_register(l->pool, l, + util_ldap_connection_destroy, + apr_pool_cleanup_null); + if (p) { p->next = l; } @@ -817,7 +842,7 @@ /* Grab the dn, copy it into the pool, and free it again */ dn = ldap_get_dn(ldc->ldap, entry); - *binddn = apr_pstrdup(st->pool, dn); + *binddn = apr_pstrdup(r->pool, dn); ldap_memfree(dn); /* @@ -861,8 +886,8 @@ * it is bound to the original user id specified ldc->binddn when in fact it is * bound to a completely different user id. */ - ldc->binddn = apr_pstrdup(st->pool, *binddn); - ldc->bindpw = apr_pstrdup(st->pool, bindpw); + util_ldap_strdup((char*)ldc->binddn, *binddn); + util_ldap_strdup((char*)ldc->bindpw, bindpw); } /* @@ -893,17 +918,17 @@ /* * Add the new username to the search cache. */ - LDAP_CACHE_WRLOCK(); - the_search_node.username = filter; - the_search_node.dn = *binddn; - the_search_node.bindpw = bindpw; - the_search_node.lastbind = apr_time_now(); - the_search_node.vals = vals; if (curl) { + LDAP_CACHE_WRLOCK(); + the_search_node.username = filter; + the_search_node.dn = *binddn; + the_search_node.bindpw = bindpw; + the_search_node.lastbind = apr_time_now(); + the_search_node.vals = vals; util_ald_cache_insert(curl->search_cache, &the_search_node); + LDAP_CACHE_UNLOCK(); } ldap_msgfree(res); - LDAP_CACHE_UNLOCK(); ldc->reason = "Authentication successful"; return LDAP_SUCCESS;