r16825: Make ldb_sainity_check() set an error string. This makes it much

easier to chase down what modules or application code gets wrong.

Ensure not to leave memory allocated on failure in ldb_search()

Andrew Bartlett
(This used to be commit 0828739951ed879640f8ed6e4700d8ca6b8221b8)

diff --git a/source4/lib/ldb/common/ldb.c b/source4/lib/ldb/common/ldb.c
index 5228eeb6b3b1c1ae6ed0c10aef004a2c718b200e..c059646629d604b78e10d9ccdd12997d7b7d52cf 100644 (file)
--- a/source4/lib/ldb/common/ldb.c
+++ b/source4/lib/ldb/common/ldb.c
@@ -527,11 +527,8 @@ int ldb_search(struct ldb_context *ldb,
        struct ldb_request *req;
        int ret;
 
-       *res = talloc_zero(ldb, struct ldb_result);
-       if (! *res) {
-               return LDB_ERR_OPERATIONS_ERROR;
-       }
-
+       *res = NULL;
+       
        req = talloc(ldb, struct ldb_request);
        if (req == NULL) {
                ldb_set_errstring(ldb, talloc_strdup(ldb, "Out of memory!"));
@@ -549,6 +546,12 @@ int ldb_search(struct ldb_context *ldb,
                return LDB_ERR_OPERATIONS_ERROR;
        }
 
+       *res = talloc_zero(ldb, struct ldb_result);
+       if (! *res) {
+               talloc_free(req);
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+
        req->op.search.attrs = attrs;
        req->controls = NULL;
        req->async.context = res;
@@ -581,9 +584,11 @@ int ldb_add(struct ldb_context *ldb,
        struct ldb_request *req;
        int ret;
 
-       ret = ldb_msg_sanity_check(message);
-       if (ret != LDB_SUCCESS) return ret;
-
+       ret = ldb_msg_sanity_check(ldb, message);
+       if (ret != LDB_SUCCESS) {
+               return ret;
+       }
+               
        req = talloc(ldb, struct ldb_request);
        if (req == NULL) {
                ldb_set_errstring(ldb, talloc_strdup(ldb, "Out of memory!"));
@@ -613,7 +618,7 @@ int ldb_modify(struct ldb_context *ldb,
        struct ldb_request *req;
        int ret;
 
-       ret = ldb_msg_sanity_check(message);
+       ret = ldb_msg_sanity_check(ldb, message);
        if (ret != LDB_SUCCESS) return ret;
 
        req = talloc(ldb, struct ldb_request);

diff --git a/source4/lib/ldb/common/ldb_msg.c b/source4/lib/ldb/common/ldb_msg.c
index bae17e7046d5a42d75c307b14eb3aee282f110eb..797d050975ca44a559dff88d206696e7782901fc 100644 (file)
--- a/source4/lib/ldb/common/ldb_msg.c
+++ b/source4/lib/ldb/common/ldb_msg.c
@@ -550,18 +550,20 @@ struct ldb_message *ldb_msg_diff(struct ldb_context *ldb,
        return mod;
 }
 
-int ldb_msg_sanity_check(const struct ldb_message *msg)
+int ldb_msg_sanity_check(struct ldb_context *ldb, 
+                        const struct ldb_message *msg)
 {
        int i, j;
 
        /* basic check on DN */
        if (msg->dn == NULL) {
                /* TODO: return also an error string */
+               ldb_set_errstring(ldb, talloc_strdup(ldb, "ldb message lacks a DN!"));
                return LDB_ERR_INVALID_DN_SYNTAX;
        }
        if (msg->dn->comp_num == 0) {
                /* root dse has empty dn */
-               /* TODO: return also an error string */
+               ldb_set_errstring(ldb, talloc_strdup(ldb, "DN on new ldb message is '' (not permitted)!"));
                return LDB_ERR_ENTRY_ALREADY_EXISTS;
        }
 
@@ -569,8 +571,13 @@ int ldb_msg_sanity_check(const struct ldb_message *msg)
        for (i = 0; i < msg->num_elements; i++) {
                for (j = 0; j < msg->elements[i].num_values; j++) {
                        if (msg->elements[i].values[j].length == 0) {
+                               TALLOC_CTX *mem_ctx = talloc_new(ldb);
                                /* an attribute cannot be empty */
                                /* TODO: return also an error string */
+                               ldb_set_errstring(ldb, talloc_asprintf(mem_ctx, "Element %s has empty attribute in ldb message (%s)!",
+                                                                      msg->elements[i].name, 
+                                                                      ldb_dn_linearize(mem_ctx, msg->dn)));
+                               talloc_free(mem_ctx);
                                return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
                        }
                }

diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index b684b03ef4260ac93fce155f6c51f61523732a4e..2f0464b9532ce8e71401dddeb9272a059dc37ec1 100644 (file)
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -1207,7 +1207,8 @@ int ldb_msg_check_string_attribute(const struct ldb_message *msg,
    LDB_ERR_INVALID_ATTRIBUTE_SYNTAX) if there is a problem with a
    message.
 */
-int ldb_msg_sanity_check(const struct ldb_message *msg);
+int ldb_msg_sanity_check(struct ldb_context *ldb,
+                        const struct ldb_message *msg);
 
 /**
    Duplicate an ldb_val structure

diff --git a/source4/lib/ldb/modules/objectclass.c b/source4/lib/ldb/modules/objectclass.c
index efe93be3d41ba4c8e230041b95ac7ec893c7034d..473d5a3e6fa481807ed99c0df9c056f31eb7dfd7 100644 (file)
--- a/source4/lib/ldb/modules/objectclass.c
+++ b/source4/lib/ldb/modules/objectclass.c
@@ -412,7 +412,7 @@ static int objectclass_do_mod(struct ldb_async_handle *h) {
                }
        }
 
-       ret = ldb_msg_sanity_check(msg);
+       ret = ldb_msg_sanity_check(ac->module->ldb, msg);
        if (ret != LDB_SUCCESS) {
                talloc_free(mem_ctx);
                return ret;