#47660 config_set_allowed_to_delete_attrs: Valgrind reports Invalid read
Closed: wontfix None Opened 10 years ago by nhosoi.

==30037==
==30037== Invalid read of size 8
==30037==    at 0x4C99384: config_set_allowed_to_delete_attrs (libglobs.c:6802)
==30037==    by 0x4C99FE8: config_set (libglobs.c:7239)
==30037==    by 0x11E7EA: load_config_dse (configdse.c:299)
==30037==    by 0x4C7416B: dse_call_callback (dse.c:2421)
==30037==    by 0x4C70734: dse_read_one_file (dse.c:799)
==30037==    by 0x4C70A00: dse_read_file (dse.c:875)
==30037==    by 0x12BE6E: init_dse_file (fedse.c:1612)
==30037==    by 0x12C453: setup_internal_backends (fedse.c:1780)
==30037==    by 0x12EAE9: main (main.c:840)
==30037==  Address 0xe142338 is 8 bytes before a block of size 24 alloc'd
==30037==    at 0x4A0887C: malloc (vg_replace_malloc.c:270)
==30037==    by 0x4C61BD7: slapi_ch_malloc (ch_malloc.c:155)
==30037==    by 0x4C6158E: slapi_str2charray_ext (charray.c:366)
==30037==    by 0x4C992B0: config_set_allowed_to_delete_attrs (libglobs.c:6800)
==30037==    by 0x4C99FE8: config_set (libglobs.c:7239)
==30037==    by 0x11E7EA: load_config_dse (configdse.c:299)
==30037==    by 0x4C7416B: dse_call_callback (dse.c:2421)
==30037==    by 0x4C70734: dse_read_one_file (dse.c:799)
==30037==    by 0x4C70A00: dse_read_file (dse.c:875)
==30037==    by 0x12BE6E: init_dse_file (fedse.c:1612)
==30037==    by 0x12C453: setup_internal_backends (fedse.c:1780)
==30037==    by 0x12EAE9: main (main.c:840)



6784 int
6785 config_set_allowed_to_delete_attrs( const char *attrname, char *value,
6786                                     char *errorbuf, int apply )
   ...
6795     if (apply) {
6796         char *vcopy = slapi_ch_strdup(value);
6797         char **allowed = NULL, **s, *d;
6798         struct config_get_and_set *cgas = 0;
6799         int needcopy = 0;
6800         allowed = slapi_str2charray_ext(vcopy, " ", 0);
6801         for (s = allowed; s && *s; s++) ;
6802         for (--s; s && *s && (s >= allowed); s--) {
6803             cgas = (struct config_get_and_set *)PL_HashTableLookup(confighash,
6804                                                                    *s);

In the reported line 6802 for (--s; s && s && (s >= allowed); s--) {,
the logic to stop the for loop should be "s && (s >= allowed) &&
s"?


Description: There was a logic error in checking the availability of
a pointer. Before checking the contents of an address, the correctness
of the pointer needed to be checked.

Reviewed by Rich (Thank you!!)

Pushed to master:
72520a2..1a788bf master -> master
commit 1a788bf

Pushed to 389-ds-base-1.3.2:
9a1b6da..22c24f0 389-ds-base-1.3.2 -> 389-ds-base-1.3.2
commit 22c24f0

Pushed to 389-ds-base-1.3.1:
bc5c678..4aa849f 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
commit 4aa849f

Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 1.3.1.18

7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/997

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)

3 years ago

Login to comment on this ticket.

Metadata