Yes, of course. An old C++ chalenge. No automatic free when the last pointer to the dynamicaly allocated memory is removed. :-(
Since this is passed as an argument the free if neecessary must come from outside of the function. Other possible solutions should be: - To use mulitple static buffers, identified by a index passed to the function. - Taking the calls out of the argument lists, and copy the buffer imdiately in another one allocated by the function. The first solution is IMHO "very crazy" and when using the second one you'll get a performance increase and shorter code by simply freeing within the function calling "htmlquoted". The code where it is patched in 9-CVE-2011-1716 or 7-CVE-2011-1716 looks like this is only used in the cgi code. I'm running an patched package on an "in preparation" machine with 618 status icons since yesterday approx 14:00h. Memory usage does't look like a memory leak until now. I don't know what workers, channels and the hobbitd or hobbitlaunch should do with this function. Since HTML-Code from the status messages is included in the site and this behavior is widely used as a feature, it does'nt make sense to escape this chars. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1716 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1103428 Title: Xymon history page does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xymon/+bug/1103428/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
