Page MenuHomeFreeBSD
Differential D54825

xdr_string: don't leak strings with xdr_free
ClosedPublic
Actions

Authored by brooks on Thu, Jan 22, 10:12 AM.
Tags
None
Referenced Files
F142863467: D54825.id170262.diff
Sat, Jan 24, 6:58 AM
Unknown Object (File)
Thu, Jan 22, 9:20 PM
Unknown Object (File)
Thu, Jan 22, 5:34 PM
Unknown Object (File)
Thu, Jan 22, 3:01 PM
Unknown Object (File)
Thu, Jan 22, 2:42 PM
Unknown Object (File)
Thu, Jan 22, 1:55 PM
Unknown Object (File)
Thu, Jan 22, 12:51 PM
Unknown Object (File)
Thu, Jan 22, 12:26 PM
Subscribers
imp

Details

Reviewers
kib
markj
Group Reviewers
cheri
Commits
rGe17d7ab869bb: xdr_string: don't leak strings with xdr_free
Summary

Historically (and in a small amount of older software such as OpenAFS),
developers would attempt tofree XDR strings with
xdr_free((xdrproc_t)xdr_string, &string)

This resulted in xdr_free calling xdr_string with only two intentional
arguments and what ever was left in the third argument register. If the
register held a sufficently small number, xdr_string would return FALSE
and not free the string (noone checks the return values).

Software should instead free strings with:
xdr_free((xdrproc_t)xdr_wrapstring, &string)

Because buggy software exists in the wild, act as though xdr_wrapstring
was used in the XDR_FREE case and plug these leaks.

Effort: CHERI upstreaming
Sponsored by: Innovate UK

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
lib/
libc/
xdr/
7 lines
sys/
xdr/
7 lines

Diff 170262

View Options

lib/libc/xdr/xdr.c

Loading...
View Options

sys/xdr/xdr.c

Loading...