Date: Mon, 28 May 2018 02:40:06 +0000 (UTC) From: Eric van Gyzen <vangyzen@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r334270 - head/usr.bin/logger Message-ID: <201805280240.w4S2e6kV075732@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: vangyzen Date: Mon May 28 02:40:06 2018 New Revision: 334270 URL: https://svnweb.freebsd.org/changeset/base/334270 Log: logger: fix memory leak and use-after-free This one call to getaddrinfo() did not adhere to the common idiom of storing the result into a second res0 variable, which is later freed. Reported by: Coverity CID: 1368069 1368071 Sponsored by: Dell EMC Modified: head/usr.bin/logger/logger.c Modified: head/usr.bin/logger/logger.c ============================================================================== --- head/usr.bin/logger/logger.c Mon May 28 02:34:38 2018 (r334269) +++ head/usr.bin/logger/logger.c Mon May 28 02:40:06 2018 (r334270) @@ -298,7 +298,7 @@ socksetup(const char *src, const char *dst, const char error = getaddrinfo(dst, svcname, &hints, &res0); if (error == EAI_SERVICE) { warnx("%s/udp: unknown service", svcname); - error = getaddrinfo(dst, "514", &hints, &res); + error = getaddrinfo(dst, "514", &hints, &res0); } if (error) errx(1, "%s: %s", gai_strerror(error), dst);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201805280240.w4S2e6kV075732>