Date: Wed, 9 Jul 2025 08:58:59 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 2811ec176c40 - main - pfctl: Fix file descriptor leak due to popfile() never closing the main config file. Message-ID: <202507090858.5698wxMF044739@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=2811ec176c402ab007ce1897f4c1a344cdb02723 commit 2811ec176c402ab007ce1897f4c1a344cdb02723 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-07-03 09:13:41 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-07-09 08:57:48 +0000 pfctl: Fix file descriptor leak due to popfile() never closing the main config file. The fix is the same as for other parse.y files in the tree (see bgpd(8) or unwind(8)) ok bluhm@ Obtained from: OpenBSD, tobhe <tobhe@openbsd.org>, da1e1ceac5 Sponsored by: Rubicon Communications, LLC ("Netgate") --- sbin/pfctl/parse.y | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index af1fb95398f8..dd6fb0116aea 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -95,7 +95,7 @@ static struct file { int eof_reached; int lineno; int errors; -} *file; +} *file, *topfile; struct file *pushfile(const char *, int); int popfile(void); int check_file_secrecy(int, const char *); @@ -6743,7 +6743,7 @@ lgetc(int quotec) if (quotec) { if ((c = igetc()) == EOF) { yyerror("reached end of file while parsing quoted string"); - if (popfile() == EOF) + if (file == topfile || popfile() == EOF) return (EOF); return (quotec); } @@ -6771,7 +6771,7 @@ lgetc(int quotec) return ('\n'); } while (c == EOF) { - if (popfile() == EOF) + if (file == topfile || popfile() == EOF) return (EOF); c = igetc(); } @@ -7069,17 +7069,17 @@ popfile(void) { struct file *prev; - if ((prev = TAILQ_PREV(file, files, entry)) != NULL) { + if ((prev = TAILQ_PREV(file, files, entry)) != NULL) prev->errors += file->errors; - TAILQ_REMOVE(&files, file, entry); - fclose(file->stream); - free(file->name); - free(file->ungetbuf); - free(file); - file = prev; - return (0); - } - return (EOF); + + TAILQ_REMOVE(&files, file, entry); + fclose(file->stream); + free(file->name); + free(file->ungetbuf); + free(file); + file = prev; + + return (file ? 0 : EOF); } int @@ -7102,6 +7102,7 @@ parse_config(char *filename, struct pfctl *xpf) warn("cannot open the main config file!"); return (-1); } + topfile = file; yyparse(); errors = file->errors;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202507090858.5698wxMF044739>