900526
From 18df9e628ea10c7d607f43fcfd935e7924731f24 Mon Sep 17 00:00:00 2001
900526
From: Evan Hunt <each@isc.org>
900526
Date: Mon, 9 Sep 2013 22:12:47 -0700
900526
Subject: [PATCH] [master] strdup journal filename
900526
900526
3646.	[bug]		Journal filename string could be set incorrectly,
900526
                        causing garbage in log messages.  [RT #34738]
900526
---
900526
 lib/dns/journal.c | 12 +++++++++---
900526
 1 file changed, 9 insertions(+), 3 deletions(-)
900526
900526
diff --git a/lib/dns/journal.c b/lib/dns/journal.c
900526
index 08aabd5..46a52e1 100644
900526
--- a/lib/dns/journal.c
900526
+++ b/lib/dns/journal.c
900526
@@ -307,7 +307,7 @@ struct dns_journal {
900526
 	unsigned int		magic;		/*%< JOUR */
900526
 	isc_mem_t		*mctx;		/*%< Memory context */
900526
 	journal_state_t		state;
900526
-	const char 		*filename;	/*%< Journal file name */
900526
+	char 			*filename;	/*%< Journal file name */
900526
 	FILE *			fp;		/*%< File handle */
900526
 	isc_offset_t		offset;		/*%< Current file offset */
900526
 	journal_header_t 	header;		/*%< In-core journal header */
900526
@@ -573,10 +573,13 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write,
900526
 	isc_mem_attach(mctx, &j->mctx);
900526
 	j->state = JOURNAL_STATE_INVALID;
900526
 	j->fp = NULL;
900526
-	j->filename = filename;
900526
+	j->filename = isc_mem_strdup(mctx, filename);
900526
 	j->index = NULL;
900526
 	j->rawindex = NULL;
900526
 
900526
+	if (j->filename == NULL)
900526
+		FAIL(ISC_R_NOMEMORY);
900526
+
900526
 	result = isc_stdio_open(j->filename, write ? "rb+" : "rb", &fp);
900526
 
900526
 	if (result == ISC_R_FILENOTFOUND) {
900526
@@ -679,6 +682,8 @@ journal_open(isc_mem_t *mctx, const char *filename, isc_boolean_t write,
900526
 			    sizeof(journal_rawpos_t));
900526
 		j->index = NULL;
900526
 	}
900526
+	if (j->filename != NULL)
900526
+		isc_mem_free(j->mctx, j->filename);
900526
 	if (j->fp != NULL)
900526
 		(void)isc_stdio_close(j->fp);
900526
 	isc_mem_putanddetach(&j->mctx, j, sizeof(*j));
900526
@@ -1242,7 +1247,8 @@ dns_journal_destroy(dns_journal_t **journalp) {
900526
 		isc_mem_put(j->mctx, j->it.target.base, j->it.target.length);
900526
 	if (j->it.source.base != NULL)
900526
 		isc_mem_put(j->mctx, j->it.source.base, j->it.source.length);
900526
-
900526
+	if (j->filename != NULL)
900526
+		isc_mem_free(j->mctx, j->filename);
900526
 	if (j->fp != NULL)
900526
 		(void)isc_stdio_close(j->fp);
900526
 	j->magic = 0;
900526
-- 
900526
1.8.3.1
900526