|
 |
306fa1 |
autofs-5.1.0 - fix memory leak in get_exports()
|
|
|
306fa1 |
|
|
|
306fa1 |
From: Ian Kent <ikent@redhat.com>
|
|
|
306fa1 |
|
|
|
306fa1 |
In modules/lookup_hosts.c:get_exports() looping over the returned list of
|
|
|
306fa1 |
exports uses the pointer that contains the list. The pointer is updated
|
|
|
306fa1 |
in the process of creating the exports multi-mount so a pointer to the
|
|
|
306fa1 |
returned list is no longer available to be freed when done.
|
|
|
306fa1 |
---
|
|
|
306fa1 |
CHANGELOG | 1 +
|
|
|
306fa1 |
modules/lookup_hosts.c | 17 +++++++++--------
|
|
|
306fa1 |
2 files changed, 10 insertions(+), 8 deletions(-)
|
|
|
306fa1 |
|
|
|
306fa1 |
--- autofs-5.0.7.orig/CHANGELOG
|
|
|
306fa1 |
+++ autofs-5.0.7/CHANGELOG
|
|
|
306fa1 |
@@ -149,6 +149,7 @@
|
|
|
306fa1 |
- force disable browse mode for amd format maps.
|
|
|
306fa1 |
- fix hosts map options check in lookup_amd_instance().
|
|
|
306fa1 |
- fix memory leak in create_client().
|
|
|
306fa1 |
+- fix memory leak in get_exports().
|
|
|
306fa1 |
|
|
|
306fa1 |
25/07/2012 autofs-5.0.7
|
|
|
306fa1 |
=======================
|
|
|
306fa1 |
--- autofs-5.0.7.orig/modules/lookup_hosts.c
|
|
|
306fa1 |
+++ autofs-5.0.7/modules/lookup_hosts.c
|
|
|
306fa1 |
@@ -82,18 +82,19 @@ static char *get_exports(struct autofs_p
|
|
|
306fa1 |
{
|
|
|
306fa1 |
char buf[MAX_ERR_BUF];
|
|
|
306fa1 |
char *mapent;
|
|
|
306fa1 |
- exports exp;
|
|
|
306fa1 |
+ exports exp, this;
|
|
|
306fa1 |
|
|
|
306fa1 |
debug(ap->logopt, MODPREFIX "fetchng export list for %s", host);
|
|
|
306fa1 |
|
|
|
306fa1 |
exp = rpc_get_exports(host, 10, 0, RPC_CLOSE_NOLINGER);
|
|
|
306fa1 |
|
|
|
306fa1 |
mapent = NULL;
|
|
|
306fa1 |
- while (exp) {
|
|
|
306fa1 |
+ this = exp;
|
|
|
306fa1 |
+ while (this) {
|
|
|
306fa1 |
if (mapent) {
|
|
|
306fa1 |
int len = strlen(mapent) + 1;
|
|
|
306fa1 |
|
|
|
306fa1 |
- len += strlen(host) + 2*(strlen(exp->ex_dir) + 2) + 3;
|
|
|
306fa1 |
+ len += strlen(host) + 2*(strlen(this->ex_dir) + 2) + 3;
|
|
|
306fa1 |
mapent = realloc(mapent, len);
|
|
|
306fa1 |
if (!mapent) {
|
|
|
306fa1 |
char *estr;
|
|
|
306fa1 |
@@ -103,10 +104,10 @@ static char *get_exports(struct autofs_p
|
|
|
306fa1 |
return NULL;
|
|
|
306fa1 |
}
|
|
|
306fa1 |
strcat(mapent, " \"");
|
|
|
306fa1 |
- strcat(mapent, exp->ex_dir);
|
|
|
306fa1 |
+ strcat(mapent, this->ex_dir);
|
|
|
306fa1 |
strcat(mapent, "\"");
|
|
|
306fa1 |
} else {
|
|
|
306fa1 |
- int len = 2*(strlen(exp->ex_dir) + 2) + strlen(host) + 3;
|
|
|
306fa1 |
+ int len = 2*(strlen(this->ex_dir) + 2) + strlen(host) + 3;
|
|
|
306fa1 |
|
|
|
306fa1 |
mapent = malloc(len);
|
|
|
306fa1 |
if (!mapent) {
|
|
|
306fa1 |
@@ -117,16 +118,16 @@ static char *get_exports(struct autofs_p
|
|
|
306fa1 |
return NULL;
|
|
|
306fa1 |
}
|
|
|
306fa1 |
strcpy(mapent, "\"");
|
|
|
306fa1 |
- strcat(mapent, exp->ex_dir);
|
|
|
306fa1 |
+ strcat(mapent, this->ex_dir);
|
|
|
306fa1 |
strcat(mapent, "\"");
|
|
|
306fa1 |
}
|
|
|
306fa1 |
strcat(mapent, " \"");
|
|
|
306fa1 |
strcat(mapent, host);
|
|
|
306fa1 |
strcat(mapent, ":");
|
|
|
306fa1 |
- strcat(mapent, exp->ex_dir);
|
|
|
306fa1 |
+ strcat(mapent, this->ex_dir);
|
|
|
306fa1 |
strcat(mapent, "\"");
|
|
|
306fa1 |
|
|
|
306fa1 |
- exp = exp->ex_next;
|
|
|
306fa1 |
+ this = this->ex_next;
|
|
|
306fa1 |
}
|
|
|
306fa1 |
rpc_exports_free(exp);
|
|
|
306fa1 |
|