IBM Support

IO11407: memory leak if ldap_explode_dn() is called with an empty string

Direct links to fixes

6.0.0.78-ISS-ITDS-SolarisSparc-IF0078
6.0.0.78-ISS-ITDS-Linuxz31-IF0078
6.0.0.78-ISS-ITDS-Linux32-IF0078
6.0.0.78-ISS-ITDS-HPUXPARISC-IF0078
6.0.0.78-ISS-ITDS-HPUXIA64-IF0078
6.0.0.78-ISS-ITDS-AIX-IF0078
6.0.0.78-ISS-ITDS-Win32-IF0078
6.0.0.77-ISS-ITDS-Win32-IF0077
6.0.0.77-ISS-ITDS-SolarisX64-IF0077
6.0.0.77-ISS-ITDS-SolarisSparc-IF0077
6.0.0.77-ISS-ITDS-Linuxz31-IF0077
6.0.0.77-ISS-ITDS-Linuxip32-IF0077
6.0.0.77-ISS-ITDS-Linux32-IF0077
6.0.0.77-ISS-ITDS-HPUXPARISC-IF0077
6.0.0.77-ISS-ITDS-HPUXIA64-IF0077
6.0.0.77-ISS-ITDS-AIX-IF0077
6.0.0.76-ISS-ITDS-Win32-IF0076
6.0.0.76-ISS-ITDS-SolarisX64-IF0076
6.0.0.76-ISS-ITDS-SolarisSparc-IF0076
6.0.0.76-ISS-ITDS-Linuxz31-IF0076
6.0.0.76-ISS-ITDS-Linuxip32-IF0076
6.0.0.76-ISS-ITDS-Linux32-IF0076
6.0.0.76-ISS-ITDS-HPUXPARISC-IF0076
6.0.0.76-ISS-ITDS-HPUXIA64-IF0076
6.0.0.76-ISS-ITDS-AIX-IF0076
6.0.0.75-ISS-ITDS-Win32-IF0075
6.0.0.75-ISS-ITDS-SolarisX64-IF0075
6.0.0.75-ISS-ITDS-SolarisSparc-IF0075
6.0.0.75-ISS-ITDS-Linuxz31-IF0075
6.0.0.75-ISS-ITDS-Linuxip32-IF0075
6.0.0.75-ISS-ITDS-Linux32-IF0075
6.0.0.75-ISS-ITDS-HPUXPARISC-IF0075
6.0.0.75-ISS-ITDS-HPUXIA64-IF0075
6.0.0.75-ISS-ITDS-AIX-IF0075
6.0.0.74-ISS-ITDS-Win32-IF0074
6.0.0.74-ISS-ITDS-SolarisX64-IF0074
6.0.0.74-ISS-ITDS-SolarisSparc-IF0074
6.0.0.74-ISS-ITDS-Linuxz31-IF0074
6.0.0.74-ISS-ITDS-Linuxip32-IF0074
6.0.0.74-ISS-ITDS-Linux32-IF0074
6.0.0.74-ISS-ITDS-HPUXPARISC-IF0074
6.0.0.74-ISS-ITDS-HPUXIA64-IF0074
6.0.0.74-ISS-ITDS-AIX-IF0074
6.0.0.73-ISS-ITDS-Win32-IF0073
6.0.0.73-ISS-ITDS-SolarisX64-IF0073
6.0.0.73-ISS-ITDS-SolarisSparc-IF0073
6.0.0.73-ISS-ITDS-Linuxz31-IF0073
6.0.0.73-ISS-ITDS-Linuxip32-IF0073
6.0.0.73-ISS-ITDS-Linux32-IF0073
6.0.0.73-ISS-ITDS-HPUXPARISC-IF0073
6.0.0.73-ISS-ITDS-HPUXIA64-IF0073
6.0.0.73-ISS-ITDS-AIX-IF0073
Tivoli Directory Server, Version 6.0.0.72-ISS-ITDS-IF0072

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Some memory is not released when ldap_explode_dn is called with
    an empty string. It seems that the ldap_explode_dn function
    doesn't release some temporary memory that it allocates. This
    leak exists only if the first parameter passed to the function
    is an empty string (equals to "").
    
    This can be checked with this code :
    
       #include <ldap.h>
    
       int main()
       {
          char **p;
          char *str="";
          while(1)
          {
             p = ldap_explode_dn(str, 0);
             ldap_value_free(p);
             Sleep(100);
          }
          return 0;
       }
    
    For each cycle of the while loop there is an increase of 4k in
    memory utilization which continues to increase.
    

Local fix

  • Don't do that
    

Problem summary

  • ldap_explode_dn2() returned without freeing temporary storage in
    this case. Additional checking has been added to avoid this.
    

Problem conclusion

  • The fix for this APAR is contained in the following maintenance
    packages:
    | interim fix | 6.0.0.8-TIV-ITDS-IF0003 |
    

Temporary fix

Comments

APAR Information

  • APAR number

    IO11407

  • Reported component name

    IBM TIV DIR SER

  • Reported component ID

    5724J3960

  • Reported release

    600

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2009-10-31

  • Closed date

    2009-10-31

  • Last modified date

    2009-10-31

  • APAR is sysrouted FROM one or more of the following:

    IO11208

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    IBM TIV DIR SER

  • Fixed component ID

    5724J3960

Applicable component levels

  • R600 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSVJJU","label":"IBM Security Directory Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"600","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
09 February 2022