First Last Prev Next    This bug is not in your last search results.
Bug 30263 - Memory leaks, memory corruption, performance problems
Memory leaks, memory corruption, performance problems
Status: REOPENED
Product: UCS
Classification: Unclassified
Component: Listener (univention-directory-listener)
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-02-04 11:04 CET by Philipp Hahn
Modified: 2019-01-12 16:43 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Cleanup
Max CVSS v3 score:
hahn: Patch_Available+

Attachments
Concatenated patch series (126.50 KB, patch)
2013-02-04 22:21 CET, Philipp Hahn 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2013-02-04 11:04:28 CET 
While helping with Bug #30165 and working on Bug #30227 several memory leaks, memory corruption issues, performance issues and suspect code have been identified.
A patch series consisting of 24 patches is available from
  git --git-dir ~phahn/GIT/.git log --p ucs-3.1/master..ucs-3.1/listener

8d8bd7c Bug #30227: listener: fix binary data corruption
4bdd2f1 Bug #30227: listener: assert null termination
3f8e25f Bug #30227: listener: allocation checking
7904df6 Bug #30227: listener: simplify pointer logic
3d7de08 Bug #30227: listener: convert if() to switch()
bf75fd3 Bug #30227: listener: white space cleanup
bd60106 Bug #30227: listener: handle allocation failures
a1794f2 Bug #30227: listener: change function signature
9f3a375 Bug #30227: listener: magic types
343a4d1 Bug #30227: listener: skip strdup(dn)
42cfb86 Bug #30227: listener: rewrite copy_cache
307c0ec Bug #30227: listener: Rename cursors
bbe637c Bug #30227: listener: declare functions extern
52c1d23 Bug #30227: listener: white space cleanup
51f742c Bug #30227: listener: fix ucr memory leak
681346f Bug #30227: listener: Handle allocation failure
e371999 Bug #30227: listener: list entry
378b0cd Bug #30227: listener: simplify repeated dereference
73c2afe Bug #30227: listener: simplify next value loop
8d35838 Bug #30227: listener: simplify indirect pointers
edd7294 Bug #30227: listener: Fix NULL check
a65e153 Bug #30227: listener: error by default
a47cd98 Bug #30227: listener: dn memory leak
b106791 Bug #30227: listener: use local dn variable
Comment 1 Philipp Hahn univentionstaff 2013-02-04 22:21:29 CET 
Created attachment 5044 [details]
Concatenated patch series
Comment 2 Philipp Hahn univentionstaff 2014-03-13 14:41:21 CET 
diff --git a/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/cache.c b/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/cache.c
index a07bc54..cd70838 100644
--- a/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/cache.c
+++ b/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/cache.c
@@ -631,7 +631,7 @@ int cache_next_entry(DBC **cur, char **dn, CacheEntry *entry)
                return cache_next_entry(cur, dn, entry);
        }
 
-       if (!*dn)
+       if (*dn)
                free(*dn);
        *dn = strdup(key.data);
 
diff --git a/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/change.c b/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/change.c
index 3666f8a..6dfc32a 100644
--- a/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/change.c
+++ b/branches/ucs-3.2/ucs-3.2-1/management/univention-directory-listener/src/change.c
@@ -99,7 +99,7 @@ int change_init_module(univention_ldap_parameters_t *lp, Handler *handler)
                cache_update_or_deleteifunused_entry(0, dn, &cache_entry);
                cache_free_entry(&dn, &cache_entry);
        }
-       if(!dn)
+       if(dn)
                free(dn);
 
        univention_debug(UV_DEBUG_LISTENER, UV_DEBUG_INFO,
Comment 3 Philipp Hahn univentionstaff 2016-06-07 18:13:44 CEST 
r69906 | Bug #41261 UDL: Fix free(NULL)
r69899 | Bug #30263 UDL: Allocate filenames on stack

Package: univention-directory-listener
Version: 10.0.0-11.315.201606071717
Branch: ucs_4.1-0
Scope: errata4.1-2

r69910 | Bug #22383,Bug #30227,Bug #30263,Bug #34324,Bug #34507,Bug #34738,Bug #3490,Bug #38696,Bug #39509,Bug #40600,Bug #41261: UDL YAML
 univention-directory-listener.yaml
Comment 4 Stefan Gohmann univentionstaff 2019-01-03 07:22:23 CET 
This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018.

Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact
your partner or Univention for any questions.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.
First Last Prev Next    This bug is not in your last search results.