Fix a use of buf after it has been freed at the end of the do_rd() function. If the connection is being terminated, then there is no need to do the fcntl(), so just return immediately.
This bug was found with Smatch (http://smatch.sourceforge.net/). Signed-off-by: Ryan Mallon <[email protected]> --- networking/isrv_identd.c | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diff --git a/networking/isrv_identd.c b/networking/isrv_identd.c index a41405c..d571eb4 100644 --- a/networking/isrv_identd.c +++ b/networking/isrv_identd.c @@ -51,7 +51,6 @@ static int do_rd(int fd, void **paramp) { identd_buf_t *buf = *paramp; char *cur, *p; - int retval = 0; /* session is ok (so far) */ int sz; cur = buf->buf + buf->pos; @@ -79,11 +78,11 @@ static int do_rd(int fd, void **paramp) fdprintf(fd, "%s : USERID : UNIX : %s\r\n", buf->buf, bogouser); term: free(buf); - retval = 1; /* terminate */ + return 1; /* terminate */ ok: if (buf->fd_flag & O_NONBLOCK) fcntl(fd, F_SETFL, buf->fd_flag & ~O_NONBLOCK); - return retval; + return 0; } static int do_timeout(void **paramp UNUSED_PARAM) -- 1.7.1 _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
