subject:"fix memory handling in acme\-client config parser"

Re: fix memory handling in acme-client config parser

2017-10-19 Thread Sebastian Benoit

sure ok benno@

Jonathan Gray(j...@jsg.id.au) on 2017.10.19 16:33:35 +1100:
> Use after free and a memory leak.
> 
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v
> retrieving revision 1.17
> diff -u -p -U4 -r1.17 parse.y
> --- parse.y   23 Mar 2017 12:59:32 -  1.17
> +++ parse.y   19 Oct 2017 04:50:29 -
> @@ -224,10 +224,10 @@ domain  : DOMAIN STRING {
>   char *s;
>   if ((s = strdup($2)) == NULL)
>   err(EXIT_FAILURE, "strdup");
>   if (!domain_valid(s)) {
> - free(s);
>   yyerror("%s: bad domain syntax", s);
> + free(s);
>   YYERROR;
>   }
>   if ((domain = conf_new_domain(conf, s)) == NULL) {
>   free(s);
> @@ -335,8 +335,9 @@ domainoptsl   : ALTERNATIVE NAMES '{' altn
>   if ((s = strdup($3)) == NULL)
>   err(EXIT_FAILURE, "strdup");
>   if (authority_find(conf, s) == NULL) {
>   yyerror("use: unknown authority");
> + free(s);
>   YYERROR;
>   }
>   domain->auth = s;
>   }
>

Re: fix memory handling in acme-client config parser

2017-10-19 Thread Florian Obser

OK florian@

On Thu, Oct 19, 2017 at 05:33:35AM +, Jonathan Gray wrote:
> Use after free and a memory leak.
> 
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v
> retrieving revision 1.17
> diff -u -p -U4 -r1.17 parse.y
> --- parse.y   23 Mar 2017 12:59:32 -  1.17
> +++ parse.y   19 Oct 2017 04:50:29 -
> @@ -224,10 +224,10 @@ domain  : DOMAIN STRING {
>   char *s;
>   if ((s = strdup($2)) == NULL)
>   err(EXIT_FAILURE, "strdup");
>   if (!domain_valid(s)) {
> - free(s);
>   yyerror("%s: bad domain syntax", s);
> + free(s);
>   YYERROR;
>   }
>   if ((domain = conf_new_domain(conf, s)) == NULL) {
>   free(s);
> @@ -335,8 +335,9 @@ domainoptsl   : ALTERNATIVE NAMES '{' altn
>   if ((s = strdup($3)) == NULL)
>   err(EXIT_FAILURE, "strdup");
>   if (authority_find(conf, s) == NULL) {
>   yyerror("use: unknown authority");
> + free(s);
>   YYERROR;
>   }
>   domain->auth = s;
>   }
> 

-- 
I'm not entirely sure you are real.

fix memory handling in acme-client config parser

2017-10-18 Thread Jonathan Gray

Use after free and a memory leak.

Index: parse.y
===
RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v
retrieving revision 1.17
diff -u -p -U4 -r1.17 parse.y
--- parse.y 23 Mar 2017 12:59:32 -  1.17
+++ parse.y 19 Oct 2017 04:50:29 -
@@ -224,10 +224,10 @@ domain: DOMAIN STRING {
char *s;
if ((s = strdup($2)) == NULL)
err(EXIT_FAILURE, "strdup");
if (!domain_valid(s)) {
-   free(s);
yyerror("%s: bad domain syntax", s);
+   free(s);
YYERROR;
}
if ((domain = conf_new_domain(conf, s)) == NULL) {
free(s);
@@ -335,8 +335,9 @@ domainoptsl : ALTERNATIVE NAMES '{' altn
if ((s = strdup($3)) == NULL)
err(EXIT_FAILURE, "strdup");
if (authority_find(conf, s) == NULL) {
yyerror("use: unknown authority");
+   free(s);
YYERROR;
}
domain->auth = s;
}

Re: fix memory handling in acme-client config parser

Re: fix memory handling in acme-client config parser

fix memory handling in acme-client config parser

3 matches

Site Navigation

Mail list logo

Footer information