Re: fix memory handling in acme-client config parser
sure ok benno@ Jonathan Gray(j...@jsg.id.au) on 2017.10.19 16:33:35 +1100: > Use after free and a memory leak. > > Index: parse.y > === > RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v > retrieving revision 1.17 > diff -u -p -U4 -r1.17 parse.y > --- parse.y 23 Mar 2017 12:59:32 - 1.17 > +++ parse.y 19 Oct 2017 04:50:29 - > @@ -224,10 +224,10 @@ domain : DOMAIN STRING { > char *s; > if ((s = strdup($2)) == NULL) > err(EXIT_FAILURE, "strdup"); > if (!domain_valid(s)) { > - free(s); > yyerror("%s: bad domain syntax", s); > + free(s); > YYERROR; > } > if ((domain = conf_new_domain(conf, s)) == NULL) { > free(s); > @@ -335,8 +335,9 @@ domainoptsl : ALTERNATIVE NAMES '{' altn > if ((s = strdup($3)) == NULL) > err(EXIT_FAILURE, "strdup"); > if (authority_find(conf, s) == NULL) { > yyerror("use: unknown authority"); > + free(s); > YYERROR; > } > domain->auth = s; > } >
Re: fix memory handling in acme-client config parser
OK florian@ On Thu, Oct 19, 2017 at 05:33:35AM +, Jonathan Gray wrote: > Use after free and a memory leak. > > Index: parse.y > === > RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v > retrieving revision 1.17 > diff -u -p -U4 -r1.17 parse.y > --- parse.y 23 Mar 2017 12:59:32 - 1.17 > +++ parse.y 19 Oct 2017 04:50:29 - > @@ -224,10 +224,10 @@ domain : DOMAIN STRING { > char *s; > if ((s = strdup($2)) == NULL) > err(EXIT_FAILURE, "strdup"); > if (!domain_valid(s)) { > - free(s); > yyerror("%s: bad domain syntax", s); > + free(s); > YYERROR; > } > if ((domain = conf_new_domain(conf, s)) == NULL) { > free(s); > @@ -335,8 +335,9 @@ domainoptsl : ALTERNATIVE NAMES '{' altn > if ((s = strdup($3)) == NULL) > err(EXIT_FAILURE, "strdup"); > if (authority_find(conf, s) == NULL) { > yyerror("use: unknown authority"); > + free(s); > YYERROR; > } > domain->auth = s; > } > -- I'm not entirely sure you are real.
fix memory handling in acme-client config parser
Use after free and a memory leak. Index: parse.y === RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v retrieving revision 1.17 diff -u -p -U4 -r1.17 parse.y --- parse.y 23 Mar 2017 12:59:32 - 1.17 +++ parse.y 19 Oct 2017 04:50:29 - @@ -224,10 +224,10 @@ domain: DOMAIN STRING { char *s; if ((s = strdup($2)) == NULL) err(EXIT_FAILURE, "strdup"); if (!domain_valid(s)) { - free(s); yyerror("%s: bad domain syntax", s); + free(s); YYERROR; } if ((domain = conf_new_domain(conf, s)) == NULL) { free(s); @@ -335,8 +335,9 @@ domainoptsl : ALTERNATIVE NAMES '{' altn if ((s = strdup($3)) == NULL) err(EXIT_FAILURE, "strdup"); if (authority_find(conf, s) == NULL) { yyerror("use: unknown authority"); + free(s); YYERROR; } domain->auth = s; }