ldb_dn_copy(): should we take a talloc_reference?
Andrew Bartlett
abartlet at samba.org
Thu Feb 8 03:26:22 UTC 2018
G'Day,
A while back Garming looked into a bug where an LDB DN was copied.
The issue is that ldb_dn_copy() does not copy over the 'ldb' element.
This is all fine until a schema-aware operation is required, such as
getting the casefolded DN. Then we don't do so well, segfaulting in
ldb_dn_casefold_internal() when ldb_schema_attribute_by_name() is
called on dn->ldb.
Thankfully this isn't done often, and when it is done the full case-
folded DN is still valid and no further work is needed.
But is isn't OK, and we should fix it.
However, what is harder is working out the right fix.
* On one hand, I would say that the answer is to make the struct ldb_dn
take a talloc_reference() to the ldb and assign the element in
ldb_dn_copy(). (We would then also need to take the reference in
ldb_dn_new()). On the other, I can hear the howls of protest already.
* We could just copy the ldb element and just make it explicit that it
is the caller's problem
* We could deprecate ldb_dn_copy() and create a new version with an
extra argument for the ldb the DN should gain.
We should also make the python code take a reference to the LDB and
destroy that reference when the Dn goes out of scope. (It doesn't
currently).
Any thoughts most welcome,
Thanks,
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list