search

noirello / bonsai

Simple Python 3 module for LDAP, using libldap2 and winldap C libraries.
MIT License
116 stars 32 forks source link

native memleak in `ldap-xplat.c` (`ldap_init_thread_func`) #85

Open dafanasiev opened 8 months ago

dafanasiev commented 8 months ago

In ldap-xplat.c#L714 you allocate LDAP.

  1. before ldap_initialize call just null LDAP*:

    data->ld = NULL;

  2. ldap_set_option also calls can return other than LDAP_SUCCESS result, so we need to control this (for example):

    ...
rc = ldap_set_option(data->ld, LDAP_OPT_REFERRALS, ref_opt);
if (rc != LDAP_SUCCESS) {
    data->retval = rc;
    goto end;
}
...

  3. and finally at the end label we need to free LDAP struct if we have problems (and allocate it):

    end:
// added:
if(data->retval != LDAP_SUCCESS){
    ldap_destroy(data->ld);
    data->ld = NULL;
}
noirello commented 8 months ago

Are you sure about this memory leak?

It isn't exactly straight forward, but I think the LDAP structure will be freed eventually during the deallocation of the LDAPConnection here with the ldap_unbind_ext function.

dafanasiev commented 8 months ago

Hmm... I prefer to clean up the resources where the error occurred. Because there is no way to restore the ldpa connection state.