==30037== ==30037== Invalid read of size 8 ==30037== at 0x4C99384: config_set_allowed_to_delete_attrs (libglobs.c:6802) ==30037== by 0x4C99FE8: config_set (libglobs.c:7239) ==30037== by 0x11E7EA: load_config_dse (configdse.c:299) ==30037== by 0x4C7416B: dse_call_callback (dse.c:2421) ==30037== by 0x4C70734: dse_read_one_file (dse.c:799) ==30037== by 0x4C70A00: dse_read_file (dse.c:875) ==30037== by 0x12BE6E: init_dse_file (fedse.c:1612) ==30037== by 0x12C453: setup_internal_backends (fedse.c:1780) ==30037== by 0x12EAE9: main (main.c:840) ==30037== Address 0xe142338 is 8 bytes before a block of size 24 alloc'd ==30037== at 0x4A0887C: malloc (vg_replace_malloc.c:270) ==30037== by 0x4C61BD7: slapi_ch_malloc (ch_malloc.c:155) ==30037== by 0x4C6158E: slapi_str2charray_ext (charray.c:366) ==30037== by 0x4C992B0: config_set_allowed_to_delete_attrs (libglobs.c:6800) ==30037== by 0x4C99FE8: config_set (libglobs.c:7239) ==30037== by 0x11E7EA: load_config_dse (configdse.c:299) ==30037== by 0x4C7416B: dse_call_callback (dse.c:2421) ==30037== by 0x4C70734: dse_read_one_file (dse.c:799) ==30037== by 0x4C70A00: dse_read_file (dse.c:875) ==30037== by 0x12BE6E: init_dse_file (fedse.c:1612) ==30037== by 0x12C453: setup_internal_backends (fedse.c:1780) ==30037== by 0x12EAE9: main (main.c:840) 6784 int 6785 config_set_allowed_to_delete_attrs( const char *attrname, char *value, 6786 char *errorbuf, int apply ) ... 6795 if (apply) { 6796 char *vcopy = slapi_ch_strdup(value); 6797 char **allowed = NULL, **s, *d; 6798 struct config_get_and_set *cgas = 0; 6799 int needcopy = 0; 6800 allowed = slapi_str2charray_ext(vcopy, " ", 0); 6801 for (s = allowed; s && *s; s++) ; 6802 for (--s; s && *s && (s >= allowed); s--) { 6803 cgas = (struct config_get_and_set *)PL_HashTableLookup(confighash, 6804 *s);
In the reported line 6802 for (--s; s && s && (s >= allowed); s--) {, the logic to stop the for loop should be "s && (s >= allowed) && s"?
Description: There was a logic error in checking the availability of a pointer. Before checking the contents of an address, the correctness of the pointer needed to be checked.
git patch file (master) 0001-Ticket-47660-config_set_allowed_to_delete_attrs-Valg.patch
git patch file (master) -- revised with fixing a memleak 0001-Ticket-47660-config_set_allowed_to_delete_attrs-Valg.2.patch
Reviewed by Rich (Thank you!!)
Pushed to master: 72520a2..1a788bf master -> master commit 1a788bf
Pushed to 389-ds-base-1.3.2: 9a1b6da..22c24f0 389-ds-base-1.3.2 -> 389-ds-base-1.3.2 commit 22c24f0
Pushed to 389-ds-base-1.3.1: bc5c678..4aa849f 389-ds-base-1.3.1 -> 389-ds-base-1.3.1 commit 4aa849f
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.1.18
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/997
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.