ext_kerberos_ldap_group_acl: Improve LDAPMessage freeing (#2181)

author Joshua Rogers <MegaManSec@users.noreply.github.com>

Sat, 6 Sep 2025 12:34:22 +0000 (12:34 +0000)

committer Amos Jeffries <yadij@users.noreply.github.com>

Sun, 7 Sep 2025 02:29:45 +0000 (14:29 +1200)
author Joshua Rogers <MegaManSec@users.noreply.github.com>
Sat, 6 Sep 2025 12:34:22 +0000 (12:34 +0000)
committer Amos Jeffries <yadij@users.noreply.github.com>
Sun, 7 Sep 2025 02:29:45 +0000 (14:29 +1200)
diff --git a/src/acl/external/kerberos_ldap_group/support_ldap.cc b/src/acl/external/kerberos_ldap_group/support_ldap.cc

index 20011f1543b828ad90b914de4d3de346352c8538..94787497b5056e1126f5785b034e14d112a9d9b6 100644 (file)
--- a/src/acl/external/kerberos_ldap_group/support_ldap.cc
+++ b/src/acl/external/kerberos_ldap_group/support_ldap.cc
@@ -298,7 +298,7 @@ escape_filter(char *filter)
  int
  check_AD(struct main_args *margs, LDAP * ld)
  {
-    LDAPMessage *res;
+    LDAPMessage *res = nullptr;
      char **attr_value = nullptr;
      struct timeval searchtime;
      size_t max_attr = 0;
@@ -322,6 +322,7 @@ check_AD(struct main_args *margs, LDAP * ld)
  
      if (max_attr == 1) {
          ldap_msgfree(res);
+        res = nullptr;
          debug((char *)
                "%s| %s: DEBUG: Search ldap server with bind path %s and filter: %s\n",
                LogTime(), PROGRAM, attr_value[0], FILTER_SAM);
@@ -350,6 +351,7 @@ check_AD(struct main_args *margs, LDAP * ld)
          safe_free(attr_value);
      }
      ldap_msgfree(res);
+    res = nullptr;
      return rc;
  }
author	Joshua Rogers <MegaManSec@users.noreply.github.com>
	Sat, 6 Sep 2025 12:34:22 +0000 (12:34 +0000)
committer	Amos Jeffries <yadij@users.noreply.github.com>
	Sun, 7 Sep 2025 02:29:45 +0000 (14:29 +1200)