Page MenuHomeFreeBSD

Fix a memory leak in ipfw
ClosedPublic

Authored by trix_juniper.net on Mar 11 2017, 4:38 PM.

Details

Summary

ipv6.c fill_ip6
The value of the pointer av changes before it is freed.
Introduce a new variable, lav, to track the original value.

Test Plan

Use clang's static analyzer, scan-build, to find the problem and later to show resolution.

Diff Detail

Repository
rS FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

marius accepted this revision.Mar 12 2017, 4:17 PM

Looks good to me. There's just one minor nit, though; in get_mac_addr_mask()::ipfw2.c
there's already precedence for using 'o' rather than 'l' (as in "local"?) as prefix for the
variable holding the original pointer returned by strdup(3). It would be great to stay
consistent across ipfw(8) in this regard.
If I'm not mistaken, you don't have a src commit bit. Shall I commit the change on
behalf of you?

This revision is now accepted and ready to land.Mar 12 2017, 4:17 PM

No commit bit.
Yes, l as in local, there have been similar problems where the pointer
variable is a passed in parameter.
Let me do the o change first, I¹ll take take of that tomorrow.
Tom

ae edited edge metadata.Mar 13 2017, 7:52 AM

I think it would be better move all local variables to the top of function according to style(9) and reuse some already existing variable for this.

trix_juniper.net edited edge metadata.

change 'lav' to 'oav'

This revision now requires review to proceed.Mar 13 2017, 3:48 PM
This revision was automatically updated to reflect the committed changes.