Date: Mon, 16 May 2016 04:39:16 +0000 (UTC) From: Don Lewis <truckman@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r299893 - head/usr.sbin/config Message-ID: <201605160439.u4G4dGK5026287@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: truckman Date: Mon May 16 04:39:16 2016 New Revision: 299893 URL: https://svnweb.freebsd.org/changeset/base/299893 Log: Don't free fnamebuf before we calling cfgfile_add(). This changes a use-after-free error into a minor memory leak. Reported by: Coverity CID: 1006084 Modified: head/usr.sbin/config/lang.l Modified: head/usr.sbin/config/lang.l ============================================================================== --- head/usr.sbin/config/lang.l Mon May 16 04:03:52 2016 (r299892) +++ head/usr.sbin/config/lang.l Mon May 16 04:39:16 2016 (r299893) @@ -267,7 +267,8 @@ include(const char *fname, int ateof) asprintf(&fnamebuf, "../../conf/%s", fname); if (fnamebuf != NULL) { fp = fopen(fnamebuf, "r"); - free(fnamebuf); + if (fp == NULL) + free(fnamebuf); } } if (fp == NULL) { @@ -275,10 +276,10 @@ include(const char *fname, int ateof) asprintf(&fnamebuf, "%s/%s", ipath->path, fname); if (fnamebuf != NULL) { fp = fopen(fnamebuf, "r"); - free(fnamebuf); } if (fp != NULL) break; + free(fnamebuf); } } if (fp == NULL) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605160439.u4G4dGK5026287>