diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2017-12-21 17:44:23 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2017-12-21 17:44:23 -0500 |
commit | 37f9b60d5e09d000e836a905559326775c81831f (patch) | |
tree | 56b5ba0e71d62099a56b3f01261cec34c62858cd | |
parent | d4083effab0f9bf76528d5c47198b17e7471ed13 (diff) | |
download | lighttpd-git-37f9b60d5e09d000e836a905559326775c81831f.tar.gz |
[mod_authn_ldap] fix mem leak when ldap auth fails (fixes #2849)
thx, codehero
x-ref:
"Linux OOM kills lighttpd when using mod_authn_ldap"
https://redmine.lighttpd.net/issues/2849
-rw-r--r-- | src/mod_authn_ldap.c | 10 | ||||
-rw-r--r-- | src/mod_vhostdb_ldap.c | 8 |
2 files changed, 9 insertions, 9 deletions
diff --git a/src/mod_authn_ldap.c b/src/mod_authn_ldap.c index c2e793d1..3e75cf10 100644 --- a/src/mod_authn_ldap.c +++ b/src/mod_authn_ldap.c @@ -398,7 +398,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, plugin_config *s) { ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ret); if (LDAP_OPT_SUCCESS != ret) { mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_set_options()", ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } @@ -412,7 +412,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, plugin_config *s) { mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_set_option(LDAP_OPT_X_TLS_CACERTFILE)", ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } } @@ -420,7 +420,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, plugin_config *s) { ret = ldap_start_tls_s(ld, NULL, NULL); if (LDAP_OPT_SUCCESS != ret) { mod_authn_ldap_err(srv,__FILE__,__LINE__,"ldap_start_tls_s()",ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } } @@ -490,7 +490,7 @@ static LDAPMessage * mod_authn_ldap_search(server *srv, plugin_config *s, char * s->auth_ldap_bindpw->ptr) : mod_authn_ldap_bind(srv, s->ldap, NULL, NULL); if (LDAP_SUCCESS != ret) { - ldap_memfree(s->ldap); + ldap_destroy(s->ldap); s->ldap = NULL; return NULL; } @@ -635,7 +635,7 @@ static handler_t mod_authn_ldap_basic(server *srv, connection *con, void *p_d, c } if (LDAP_SUCCESS != mod_authn_ldap_bind(srv, ld, dn, pw)) { - ldap_memfree(ld); + ldap_destroy(ld); if (dn != p->ldap_filter->ptr) ldap_memfree(dn); return HANDLER_ERROR; } diff --git a/src/mod_vhostdb_ldap.c b/src/mod_vhostdb_ldap.c index 459d7d60..4f7e2a5f 100644 --- a/src/mod_vhostdb_ldap.c +++ b/src/mod_vhostdb_ldap.c @@ -251,7 +251,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, vhostdb_config *s) { ret = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ret); if (LDAP_OPT_SUCCESS != ret) { mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_set_options()", ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } @@ -264,7 +264,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, vhostdb_config *s) { mod_authn_ldap_err(srv, __FILE__, __LINE__, "ldap_set_option(LDAP_OPT_X_TLS_CACERTFILE)", ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } } @@ -272,7 +272,7 @@ static LDAP * mod_authn_ldap_host_init(server *srv, vhostdb_config *s) { ret = ldap_start_tls_s(ld, NULL, NULL); if (LDAP_OPT_SUCCESS != ret) { mod_authn_ldap_err(srv,__FILE__,__LINE__,"ldap_start_tls_s()",ret); - ldap_memfree(ld); + ldap_destroy(ld); return NULL; } } @@ -338,7 +338,7 @@ static LDAPMessage * mod_authn_ldap_search(server *srv, vhostdb_config *s, char ret = mod_authn_ldap_bind(srv, s->ldap, s->binddn, s->bindpw); if (LDAP_SUCCESS != ret) { - ldap_memfree(s->ldap); + ldap_destroy(s->ldap); s->ldap = NULL; return NULL; } |