autofs-5.0.1 - Fix LDAP result leaks on error paths From: Leonardo Chiquitto <leonardo.lists@gmail.com> According to ldap_search_s(3), the result structure must be freed with ldap_msgfree() even when the search function returned failure. --- modules/lookup_ldap.c | 6 ++++++ 1 file changed, 6 insertions(+) --- autofs-5.0.1.orig/modules/lookup_ldap.c +++ autofs-5.0.1/modules/lookup_ldap.c @@ -385,6 +385,8 @@ static int get_query_dn(unsigned logopt, error(logopt, MODPREFIX "query failed for %s: %s", query, ldap_err2string(rv)); + if (result) + ldap_msgfree(result); return 0; } @@ -1581,6 +1583,8 @@ int lookup_read_master(struct master *ma error(logopt, MODPREFIX "query failed for %s: %s", query, ldap_err2string(rv)); unbind_ldap_connection(logging, ldap, ctxt); + if (result) + ldap_msgfree(result); return NSS_STATUS_NOTFOUND; } @@ -2583,6 +2587,8 @@ static int lookup_one(struct autofs_poin if ((rv != LDAP_SUCCESS) || !result) { crit(ap->logopt, MODPREFIX "query failed for %s", query); unbind_ldap_connection(ap->logopt, ldap, ctxt); + if (result) + ldap_msgfree(result); return CHE_FAIL; }