|
 |
cef8f8 |
autofs-5.1.3 - fix possible memory leak during amd parse
|
|
|
cef8f8 |
|
|
|
cef8f8 |
From: Ian Kent <raven@themaw.net>
|
|
|
cef8f8 |
|
|
|
cef8f8 |
If an amd map entry option is given more than once subsequent assignment
|
|
|
cef8f8 |
could result in a memory leak.
|
|
|
cef8f8 |
|
|
|
cef8f8 |
Signed-off-by: Ian Kent <raven@themaw.net>
|
|
|
cef8f8 |
---
|
|
|
cef8f8 |
CHANGELOG | 1
|
|
|
cef8f8 |
modules/amd_parse.y | 92 +++++++++++++++++++++++++++++-----------------------
|
|
|
cef8f8 |
2 files changed, 54 insertions(+), 39 deletions(-)
|
|
|
cef8f8 |
|
|
|
cef8f8 |
--- autofs-5.0.7.orig/CHANGELOG
|
|
|
cef8f8 |
+++ autofs-5.0.7/CHANGELOG
|
|
|
cef8f8 |
@@ -276,6 +276,7 @@
|
|
|
cef8f8 |
- refactor amd_parse.c.
|
|
|
cef8f8 |
- fix amd parser double quote handling.
|
|
|
cef8f8 |
- fix expandamdent() quote handling.
|
|
|
cef8f8 |
+- fix possible memory leak during amd parse.
|
|
|
cef8f8 |
|
|
|
cef8f8 |
25/07/2012 autofs-5.0.7
|
|
|
cef8f8 |
=======================
|
|
|
cef8f8 |
--- autofs-5.0.7.orig/modules/amd_parse.y
|
|
|
cef8f8 |
+++ autofs-5.0.7/modules/amd_parse.y
|
|
|
cef8f8 |
@@ -41,6 +41,7 @@ extern int amd_lex(void);
|
|
|
cef8f8 |
extern void amd_set_scan_buffer(const char *);
|
|
|
cef8f8 |
|
|
|
cef8f8 |
static char *amd_strdup(char *);
|
|
|
cef8f8 |
+static void amd_set_value(char **, char *);
|
|
|
cef8f8 |
static void local_init_vars(void);
|
|
|
cef8f8 |
static void local_free_vars(void);
|
|
|
cef8f8 |
|
|
|
cef8f8 |
@@ -289,19 +290,22 @@ option_assignment: MAP_OPTION OPTION_ASS
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
if (!strcmp($1, "fs"))
|
|
|
cef8f8 |
- entry.fs = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.fs, fs_opt_val);
|
|
|
cef8f8 |
else if (!strcmp($1, "sublink")) {
|
|
|
cef8f8 |
- entry.sublink = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.sublink, fs_opt_val);
|
|
|
cef8f8 |
} else if (!strcmp($1, "pref")) {
|
|
|
cef8f8 |
if (strcmp(fs_opt_val, "null"))
|
|
|
cef8f8 |
- entry.pref = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.pref, fs_opt_val);
|
|
|
cef8f8 |
else {
|
|
|
cef8f8 |
- entry.pref = amd_strdup("");
|
|
|
cef8f8 |
- if (!entry.pref) {
|
|
|
cef8f8 |
+ char *empty;
|
|
|
cef8f8 |
+
|
|
|
cef8f8 |
+ empty = amd_strdup("");
|
|
|
cef8f8 |
+ if (!empty) {
|
|
|
cef8f8 |
amd_notify($3);
|
|
|
cef8f8 |
free(fs_opt_val);
|
|
|
cef8f8 |
YYABORT;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
+ amd_set_value(&entry.pref, empty);
|
|
|
cef8f8 |
free(fs_opt_val);
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
} else {
|
|
|
cef8f8 |
@@ -314,11 +318,14 @@ option_assignment: MAP_OPTION OPTION_ASS
|
|
|
cef8f8 |
| MAP_OPTION OPTION_ASSIGN
|
|
|
cef8f8 |
{
|
|
|
cef8f8 |
if (!strcmp($1, "fs")) {
|
|
|
cef8f8 |
- entry.fs = amd_strdup("");
|
|
|
cef8f8 |
- if (!entry.fs) {
|
|
|
cef8f8 |
+ char *empty;
|
|
|
cef8f8 |
+
|
|
|
cef8f8 |
+ empty = amd_strdup("");
|
|
|
cef8f8 |
+ if (!empty) {
|
|
|
cef8f8 |
amd_notify($1);
|
|
|
cef8f8 |
YYABORT;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
+ amd_set_value(&entry.fs, empty);
|
|
|
cef8f8 |
} else {
|
|
|
cef8f8 |
amd_notify($1);
|
|
|
cef8f8 |
YYABORT;
|
|
|
cef8f8 |
@@ -335,11 +342,11 @@ option_assignment: MAP_OPTION OPTION_ASS
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
if (!strcmp($1, "rhost"))
|
|
|
cef8f8 |
- entry.rhost = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.rhost, fs_opt_val);
|
|
|
cef8f8 |
else if (!strcmp($1, "rfs"))
|
|
|
cef8f8 |
- entry.rfs = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.rfs, fs_opt_val);
|
|
|
cef8f8 |
else if (!strcmp($1, "dev"))
|
|
|
cef8f8 |
- entry.dev = fs_opt_val;
|
|
|
cef8f8 |
+ amd_set_value(&entry.dev, fs_opt_val);
|
|
|
cef8f8 |
else if (!strcmp($1, "mount") ||
|
|
|
cef8f8 |
!strcmp($1, "unmount") ||
|
|
|
cef8f8 |
!strcmp($1, "umount")) {
|
|
|
cef8f8 |
@@ -369,11 +376,11 @@ option_assignment: MAP_OPTION OPTION_ASS
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
if (!strcmp($1, "rhost"))
|
|
|
cef8f8 |
- entry.rhost = empty;
|
|
|
cef8f8 |
+ amd_set_value(&entry.rhost, empty);
|
|
|
cef8f8 |
else if (!strcmp($1, "rfs"))
|
|
|
cef8f8 |
- entry.rfs = empty;
|
|
|
cef8f8 |
+ amd_set_value(&entry.rfs, empty);
|
|
|
cef8f8 |
else if (!strcmp($1, "dev"))
|
|
|
cef8f8 |
- entry.dev = empty;
|
|
|
cef8f8 |
+ amd_set_value(&entry.dev, empty);
|
|
|
cef8f8 |
else {
|
|
|
cef8f8 |
amd_notify($1);
|
|
|
cef8f8 |
free(empty);
|
|
|
cef8f8 |
@@ -468,36 +475,27 @@ static int match_map_option_fs_type(char
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
- if (!strcmp(fs_type, "auto")) {
|
|
|
cef8f8 |
+ if (!strcmp(fs_type, "auto"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_AUTO;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "nfs") ||
|
|
|
cef8f8 |
- !strcmp(fs_type, "nfs4")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "nfs") ||
|
|
|
cef8f8 |
+ !strcmp(fs_type, "nfs4"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_NFS;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "nfsl")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "nfsl"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_NFSL;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "link")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "link"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_LINK;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "linkx")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "linkx"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_LINKX;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "host")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "host"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_HOST;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "lofs")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "lofs"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_LOFS;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "xfs")) {
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "xfs"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_XFS;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
- } else if (!strcmp(fs_type, "ext2") ||
|
|
|
cef8f8 |
+ else if (!strcmp(fs_type, "ext2") ||
|
|
|
cef8f8 |
!strcmp(fs_type, "ext3") ||
|
|
|
cef8f8 |
- !strcmp(fs_type, "ext4")) {
|
|
|
cef8f8 |
+ !strcmp(fs_type, "ext4"))
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_EXT;
|
|
|
cef8f8 |
- entry.type = fs_type;
|
|
|
cef8f8 |
} else if (!strcmp(fs_type, "ufs")) {
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_UFS;
|
|
|
cef8f8 |
entry.type = conf_amd_get_linux_ufs_mount_type();
|
|
|
cef8f8 |
@@ -508,6 +506,7 @@ static int match_map_option_fs_type(char
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
free(fs_type);
|
|
|
cef8f8 |
+ fs_type = NULL;
|
|
|
cef8f8 |
} else if (!strcmp(fs_type, "cdfs")) {
|
|
|
cef8f8 |
entry.flags |= AMD_MOUNT_TYPE_CDFS;
|
|
|
cef8f8 |
entry.type = amd_strdup("iso9660");
|
|
|
cef8f8 |
@@ -518,6 +517,7 @@ static int match_map_option_fs_type(char
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
free(fs_type);
|
|
|
cef8f8 |
+ fs_type = NULL;
|
|
|
cef8f8 |
} else if (!strcmp(fs_type, "jfs") ||
|
|
|
cef8f8 |
!strcmp(fs_type, "nfsx") ||
|
|
|
cef8f8 |
!strcmp(fs_type, "program") ||
|
|
|
cef8f8 |
@@ -534,12 +534,16 @@ static int match_map_option_fs_type(char
|
|
|
cef8f8 |
fs_type);
|
|
|
cef8f8 |
amd_msg(msg_buf);
|
|
|
cef8f8 |
free(fs_type);
|
|
|
cef8f8 |
+ fs_type = NULL;
|
|
|
cef8f8 |
} else {
|
|
|
cef8f8 |
amd_notify(fs_type);
|
|
|
cef8f8 |
free(fs_type);
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
+ if (fs_type)
|
|
|
cef8f8 |
+ amd_set_value(&entry.type, fs_type);
|
|
|
cef8f8 |
+
|
|
|
cef8f8 |
return 1;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
@@ -558,15 +562,18 @@ static int match_map_option_map_type(cha
|
|
|
cef8f8 |
!strcmp(map_type, "nisplus") ||
|
|
|
cef8f8 |
!strcmp(map_type, "ldap") ||
|
|
|
cef8f8 |
!strcmp(map_type, "hesiod")) {
|
|
|
cef8f8 |
- entry.map_type = map_type;
|
|
|
cef8f8 |
+ amd_set_value(&entry.map_type, map_type);
|
|
|
cef8f8 |
} else if (!strcmp(map_type, "exec")) {
|
|
|
cef8f8 |
/* autofs uses "program" for "exec" map type */
|
|
|
cef8f8 |
- entry.map_type = amd_strdup("program");
|
|
|
cef8f8 |
- if (!entry.map_type) {
|
|
|
cef8f8 |
+ char * tmp;
|
|
|
cef8f8 |
+
|
|
|
cef8f8 |
+ tmp = amd_strdup("program");
|
|
|
cef8f8 |
+ if (!tmp) {
|
|
|
cef8f8 |
amd_notify(type);
|
|
|
cef8f8 |
free(map_type);
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
+ amd_set_value(&entry.map_type, tmp);
|
|
|
cef8f8 |
free(map_type);
|
|
|
cef8f8 |
} else if (!strcmp(map_type, "passwd")) {
|
|
|
cef8f8 |
sprintf(msg_buf, "map type %s is "
|
|
|
cef8f8 |
@@ -621,17 +628,17 @@ static int match_mnt_option_options(char
|
|
|
cef8f8 |
tmp = amd_strdup(options);
|
|
|
cef8f8 |
if (!tmp)
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
- entry.opts = tmp;
|
|
|
cef8f8 |
+ amd_set_value(&entry.opts, tmp);
|
|
|
cef8f8 |
} else if (!strcmp(mnt_option, "addopts")) {
|
|
|
cef8f8 |
tmp = amd_strdup(options);
|
|
|
cef8f8 |
if (!tmp)
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
- entry.addopts = tmp;
|
|
|
cef8f8 |
+ amd_set_value(&entry.addopts, tmp);
|
|
|
cef8f8 |
} else if (!strcmp(mnt_option, "remopts")) {
|
|
|
cef8f8 |
tmp = amd_strdup(options);
|
|
|
cef8f8 |
if (!tmp)
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
- entry.remopts = tmp;
|
|
|
cef8f8 |
+ amd_set_value(&entry.remopts, tmp);
|
|
|
cef8f8 |
} else
|
|
|
cef8f8 |
return 0;
|
|
|
cef8f8 |
|
|
|
cef8f8 |
@@ -715,6 +722,13 @@ done:
|
|
|
cef8f8 |
return tmp;
|
|
|
cef8f8 |
}
|
|
|
cef8f8 |
|
|
|
cef8f8 |
+static void amd_set_value(char **field, char *value)
|
|
|
cef8f8 |
+{
|
|
|
cef8f8 |
+ if (*field)
|
|
|
cef8f8 |
+ free(*field);
|
|
|
cef8f8 |
+ *field = value;
|
|
|
cef8f8 |
+}
|
|
|
cef8f8 |
+
|
|
|
cef8f8 |
static int amd_error(const char *s)
|
|
|
cef8f8 |
{
|
|
|
cef8f8 |
if (strcmp(s, "syntax"))
|