e604505058
overlay are enabled, attempts to free a buffer that was allocated on the stack * patch: 0017-Fix-segfault-in-nops.patch (bsc#1073313) OBS-URL: https://build.opensuse.org/package/show/network:ldap/openldap2?expand=0&rev=233
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
diff --git a/servers/slapd/overlays/memberof.c b/servers/slapd/overlays/memberof.c
|
|
index 54c24682a..06945d811 100644
|
|
--- a/servers/slapd/overlays/memberof.c
|
|
+++ b/servers/slapd/overlays/memberof.c
|
|
@@ -360,10 +360,16 @@ memberof_value_modify(
|
|
unsigned long opid = op->o_opid;
|
|
SlapReply rs2 = { REP_RESULT };
|
|
slap_callback cb = { NULL, slap_null_cb, NULL, NULL };
|
|
- Modifications mod[ 2 ] = { { { 0 } } }, *ml;
|
|
- struct berval values[ 4 ], nvalues[ 4 ];
|
|
+ Modifications *mod, *ml;
|
|
+ struct berval *values, *nvalues;
|
|
int mcnt = 0;
|
|
|
|
+ mod = (Modifications*)malloc(2 * sizeof(Modifications));
|
|
+ memset(mod, 0, 2 * sizeof(Modifications));
|
|
+
|
|
+ values = (struct berval*)malloc(4 * sizeof(struct berval));
|
|
+ nvalues = (struct berval*)malloc(4 * sizeof(struct berval));
|
|
+
|
|
op2.o_tag = LDAP_REQ_MODIFY;
|
|
|
|
op2.o_req_dn = *ndn;
|
|
@@ -493,6 +499,11 @@ memberof_value_modify(
|
|
/* restore original opid */
|
|
op->o_opid = opid;
|
|
|
|
+
|
|
+ slap_mods_free( mod, 0 );
|
|
+ free(values);
|
|
+ free(nvalues);
|
|
+
|
|
/* FIXME: if old_group_ndn doesn't exist, both delete __and__
|
|
* add will fail; better split in two operations, although
|
|
* not optimal in terms of performance. At least it would
|