From e91583fb20b584621dd48031bef68279945f7aa6 Mon Sep 17 00:00:00 2001
From: Quentin Armitage <quentin@armitage.org.uk>
Date: Tue, 20 Nov 2018 13:03:55 +0000
Subject: [PATCH] Fix double free when global data smtp_helo_name copied from
local_name
Issue #1071 identified a double free fault. It occurred when smtp_helo_name
was not set, in which case it was set to point to the same malloc'd memory
as local_name. At termination keepalived freed both local_name and
smtp_helo_name.
If keepalived needs to use local_name for smtp_helo_name it now malloc's
additional memory to copy the string into.
Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
---
keepalived/core/global_data.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/keepalived/core/global_data.c b/keepalived/core/global_data.c
index cd381d9b..be9fecbd 100644
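--- a/keepalived/core/global_data.c
+++ b/keepalived/core/global_data.c
@@ -257,8 +257,10 @@ init_global_data(data_t * data, data_t *old_global_data)
 if (!data->email_from)
 set_default_email_from(data, data->local_name);
 
- if (!data->smtp_helo_name)
- data->smtp_helo_name = data->local_name;
+ if (!data->smtp_helo_name) {
+ data->smtp_helo_name = MALLOC(strlen(data->local_name) + 1);
+ strcpy(data->smtp_helo_name, data->local_name);
+ }
 }
 }
 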
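Review bot: Nothing at the new `MALLOC`/`strcpy` pair records why the string is copied rather than shared, so a later cleanup could reintroduce the aliasing that caused the double free at termination. I would add a comment above the `if (!data->smtp_helo_name) {` line such as `/* smtp_helo_name is freed separately from local_name at termination, so it must own its own copy */`. The copy also passes `data->local_name` to `strlen()` with no NULL check visible in the hunk, and the `MALLOC` result goes to `strcpy()` unchecked. Both may already be covered by the enclosing conditions or by the allocator wrapper, which are outside the hunk, so this is worth confirming. The body of init_global_data starts before the hunk.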
--
2.20.1