Package: amanda-server
Version: 1:2.5.2p1-4
Severity: important
Tags: security
I have been performing binary static analysis on some of the Debian 5
package repository.
I identified the following problem in amanda-2.5.2/server-src/dumper.c
if (mkpdir(indexfile_tmp, 02755, (uid_t)-1, (gid_t)-1) == -1) {
errstr = newvstralloc(errstr,
err create ,
indexfile_tmp,
: ,
strerror(errno),
NULL);
** amfree(indexfile_real);
** amfree(indexfile_tmp);
goto failed;
}
..
..
failed:
..
..
if (indexfile_tmp) {
unlink(indexfile_tmp);
** amfree(indexfile_tmp);
** amfree(indexfile_real);
}
return 0;
}
The first set of frees appears to be incorrect and should be removed. I have
only investigated this problem on Lenny, but it should be checked to see if
this issue
is present in the stable or unstable Debian trees.
--
Silvio