]> git.ipfire.org Git - thirdparty/openldap.git/commitdiff
projects / thirdparty / openldap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4d17376)
ITS#10447 back-ldap/slapo-chain: plug leak in ldap_chain_parse_ctrl()
authorHoward Chu <hyc@openldap.org>
Fri, 6 Feb 2026 15:57:51 +0000 (15:57 +0000)
committerHoward Chu <hyc@openldap.org>
Fri, 6 Feb 2026 15:57:51 +0000 (15:57 +0000)
servers/slapd/back-ldap/chain.c patch | blob | blame | history

diff --git a/servers/slapd/back-ldap/chain.c b/servers/slapd/back-ldap/chain.c
index a789e7a20f24491dce004e6b7390198604cd1f96..fa815c5c7a78a2334e3a9f156036d2a4510f2432 100644 (file)
--- a/servers/slapd/back-ldap/chain.c
+++ b/servers/slapd/back-ldap/chain.c
@@ -2230,6 +2230,8 @@ ldap_chain_parse_ctrl(
                 * should we accept no enumerations at all? */
                if ( tag != LBER_ENUMERATED ) {
                        rs->sr_text = "Chaining behavior control: resolveBehavior decoding error";
+fail:
+                       ber_free( ber, 1 );
                        return LDAP_PROTOCOL_ERROR;
                }
 
@@ -2252,7 +2254,7 @@ ldap_chain_parse_ctrl(
 
                default:
                        rs->sr_text = "Chaining behavior control: unknown resolveBehavior";
-                       return LDAP_PROTOCOL_ERROR;
+                       goto fail;
                }
 
                tag = ber_peek_tag( ber, &len );
@@ -2260,7 +2262,7 @@ ldap_chain_parse_ctrl(
                        tag = ber_scanf( ber, "e", &behavior );
                        if ( tag == LBER_ERROR ) {
                                rs->sr_text = "Chaining behavior control: continuationBehavior decoding error";
-                               return LDAP_PROTOCOL_ERROR;
+                               goto fail;
                        }
                }
 
@@ -2287,13 +2289,13 @@ ldap_chain_parse_ctrl(
 
                        default:
                                rs->sr_text = "Chaining behavior control: unknown continuationBehavior";
-                               return LDAP_PROTOCOL_ERROR;
+                               goto fail;
                        }
                }
 
                if ( ( ber_scanf( ber, /* { */ "}") ) == LBER_ERROR ) {
                        rs->sr_text = "Chaining behavior control: decoding error";
-                       return LDAP_PROTOCOL_ERROR;
+                       goto fail;
                }
 
                (void) ber_free( ber, 1 );
Mirror of https://git.openldap.org/openldap/openldap.git