Date: Mon, 16 Dec 2013 11:07:04 +0000 (UTC)
From: Dmitry Sivachenko <demon@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r336619 - head/net/haproxy-devel/files
Message-ID: <201312161107.rBGB74ED092212@svn.freebsd.org>
Author: demon Date: Mon Dec 16 11:07:04 2013 New Revision: 336619 URL: http://svnweb.freebsd.org/changeset/ports/336619 Log: Fix double-free. Obtained from: upstream Added: head/net/haproxy-devel/files/patch-0001-BUG-MAJOR-patterns-fix-double-free-caused-by-loading.patch (contents, props changed) Added: head/net/haproxy-devel/files/patch-0001-BUG-MAJOR-patterns-fix-double-free-caused-by-loading.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/haproxy-devel/files/patch-0001-BUG-MAJOR-patterns-fix-double-free-caused-by-loading.patch Mon Dec 16 11:07:04 2013 (r336619) @@ -0,0 +1,33 @@ +From 6762a3061ac0d1d8c8860a2191c602a3c526205c Mon Sep 17 00:00:00 2001 +From: Willy Tarreau <w@1wt.eu> +Date: Mon, 16 Dec 2013 10:40:28 +0100 +Subject: BUG/MAJOR: patterns: fix double free caused by loading strings from + files + +A null pointer assignment was missing after a free in commit 7148ce6 (MEDIUM: +pattern: Extract the index process from the pat_parse_*() functions), causing +a double free after loading a file of string patterns. + +This bug was introduced in 1.5-dev20, no backport is needed. + +Thanks to Sander Klein for reporting this bug and providing the config +needed to trigger it. +--- + src/pattern.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/pattern.c b/src/pattern.c +index ce60f76..8380c63 100644 +--- src/pattern.c ++++ src/pattern.c +@@ -882,6 +882,7 @@ int pattern_register(struct pattern_expr *expr, const char **args, + + /* the "map_parser_str()" function always duplicate string information */ + free((*pattern)->ptr.str); ++ (*pattern)->ptr.str = NULL; + + /* we pre-set the data pointer to the tree's head so that functions + * which are able to insert in a tree know where to do that. +-- +1.7.12.2.21.g234cd45.dirty +
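Review bot: The added `(*pattern)->ptr.str = NULL;` in pattern_register() carries no comment saying why the pointer must be cleared after `free((*pattern)->ptr.str);`, so the reason is recoverable only from the commit message. A one-line comment there, noting that the pattern is freed again later and must not see the stale pointer, would keep the line from being dropped in a later cleanup. The reset also covers only this one call site. If other places in src/pattern.c free the same field, a small free-and-clear helper would be more robust than repeating the pair by hand. On the ports side, this commit touches only head/net/haproxy-devel/files, so no PORTREVISION bump is visible here, and installed packages will not be rebuilt with the fix unless that is done separately.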