From: Ken Raeburn <raeburn@mit.edu>
Date: Tue, 10 Oct 2006 23:56:46 +0000 (+0000)
Subject: Memory management and Solaris porting fixes from Will Fiveash
X-Git-Tag: krb5-1.6-alpha1~80
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c04f95ab6c9e2631cf05a53af136f9c846ed2063;p=krb5.git

Memory management and Solaris porting fixes from Will Fiveash

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18673 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
index 6a767fe68..aa9388adc 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
@@ -1632,7 +1632,7 @@ krb5_ldap_get_reference_count (krb5_context context, char *dn, char *refattr,
 	int n;
 
 	LDAP_SEARCH(subtree[i],
-		    LDAP_SCOPE_SUB,
+		    LDAP_SCOPE_SUBTREE,
 		    filter,
 		    refcntattr);
 	n = ldap_count_entries (ld, result);
@@ -1706,6 +1706,7 @@ krb5_error_code krb5_ldap_policydn_to_name (context, policy_dn, name)
 	goto cleanup;
     }
 
+#if defined HAVE_LDAP_STR2DN
     {
 	char *rdn;
 	LDAPDN dn;
@@ -1719,11 +1720,39 @@ krb5_error_code krb5_ldap_policydn_to_name (context, policy_dn, name)
 	    st = EINVAL;
 	else if (strcasecmp (dn[0][0]->la_attr.bv_val, "cn") != 0)
 	    st = EINVAL;
-	else
+	else {
 	    *name = strndup(dn[0][0]->la_value.bv_val, dn[0][0]->la_value.bv_len);
+	    if (*name == NULL)
+		st = EINVAL;
+	}
 
 	ldap_memfree (dn);
     }
+#elif defined HAVE_LDAP_EXPLODE_DN
+    {
+	char *parsed_dn;
+
+	parsed_dn = ldap_explode_dn(policy_dn, 0);
+	if (parsed_dn == NULL) {
+	    st = EINVAL;
+	}
+	else {
+	    if (strncasecmp(parsed_dn[0], "cn=", 3) != 0) {
+		st = EINVAL;
+	    }
+	    else {
+		*name = strdup(parsed_dn[0]);
+		if (*name == NULL)
+		    st = EINVAL;
+	    }
+
+	    ldap_value_free(parsed_dn);
+	}
+    }
+#else
+    st = EINVAL;
+#endif
+
 cleanup:
     return st;
 }
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
index cb0d4c50f..2a28a4e0e 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
@@ -614,7 +614,7 @@ krb5_encode_krbsecretkey(krb5_key_data *key_data, int n_key_data) {
 	if (key_data[i].key_data_kvno != key_data[i + 1].key_data_kvno)
 	    num_versions++;
 
-    ret = (struct berval **) malloc (num_versions * sizeof (struct berval *) + 1);
+    ret = (struct berval **) malloc ((num_versions + 1) * sizeof (struct berval *));
     for (i = 0, last = 0, j = 0, currkvno = key_data[0].key_data_kvno; i < n_key_data; i++) {
 	krb5_data *code;
 	if (i == n_key_data - 1 || key_data[i + 1].key_data_kvno != currkvno) {
@@ -1067,8 +1067,8 @@ krb5_ldap_put_principal(context, entries, nentries, db_args)
 	    }
 	    if (count != 0) {
 		int j;
-		ber_tl_data = (struct berval **) calloc (count, sizeof (struct
-									berval*));
+		ber_tl_data = (struct berval **) calloc (count + 1,
+							 sizeof (struct berval*));
 		for (j = 0, ptr = entries->tl_data; ptr != NULL; ptr = ptr->tl_data_next) {
 		    /* Ignore tl_data that are stored in separate directory
 		     * attributes */
@@ -1091,6 +1091,7 @@ krb5_ldap_put_principal(context, entries, nentries, db_args)
 		    free (ber_tl_data);
 		    goto cleanup;
 		}
+		ber_tl_data[count] = NULL;
 		if ((st=krb5_add_ber_mem_ldap_mod(&mods, "krbExtraData",
 						  LDAP_MOD_REPLACE | LDAP_MOD_BVALUES,
 						  ber_tl_data)) != 0)