Differential D54825

xdr_string: don't leak strings with xdr_free
ClosedPublic
Actions

Authored by brooks on Jan 22 2026, 10:12 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Tue, Feb 24, 9:19 AM

	Unknown Object (File)
	Tue, Feb 24, 8:22 AM

	Unknown Object (File)
	Tue, Feb 24, 7:05 AM

	Unknown Object (File)
	Mon, Feb 23, 12:37 PM

	Unknown Object (File)
	Mon, Feb 23, 12:27 PM

	Unknown Object (File)
	Mon, Feb 23, 12:26 PM

	Unknown Object (File)
	Wed, Feb 18, 4:03 PM

	Unknown Object (File)
	Wed, Feb 18, 4:03 PM

View All 23 Files

Subscribers

Details

Reviewers

kib
markj

Group Reviewers

Commits

rGe17d7ab869bb: xdr_string: don't leak strings with xdr_free

Summary

Historically (and in a small amount of older software such as OpenAFS),
developers would attempt tofree XDR strings with
xdr_free((xdrproc_t)xdr_string, &string)

This resulted in xdr_free calling xdr_string with only two intentional
arguments and what ever was left in the third argument register. If the
register held a sufficently small number, xdr_string would return FALSE
and not free the string (noone checks the return values).

Software should instead free strings with:
xdr_free((xdrproc_t)xdr_wrapstring, &string)

Because buggy software exists in the wild, act as though xdr_wrapstring
was used in the XDR_FREE case and plug these leaks.

Effort: CHERI upstreaming
Sponsored by: Innovate UK

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

brooks created this revision.Jan 22 2026, 10:12 AM

Herald added a subscriber: imp. · View Herald TranscriptJan 22 2026, 10:12 AM

brooks requested review of this revision.Jan 22 2026, 10:12 AM

Harbormaster completed remote builds in B70056: Diff 170230.Jan 22 2026, 10:12 AM

Herald added a reviewer: cheri. · View Herald TranscriptJan 22 2026, 10:12 AM

Herald added a reviewer: cheri. · View Herald Transcript

brooks added a parent revision: D54824: rpc/xdr.h: make xdrproc_t always take two arguments.Jan 22 2026, 10:12 AM

kib accepted this revision.Jan 22 2026, 2:28 PM

This revision is now accepted and ready to land.Jan 22 2026, 2:28 PM

Closed by commit rGe17d7ab869bb: xdr_string: don't leak strings with xdr_free (authored by brooks). · Explain WhyJan 23 2026, 11:07 AM

This revision was automatically updated to reflect the committed changes.

brooks added a commit: rGe17d7ab869bb: xdr_string: don't leak strings with xdr_free.

Revision Contents
Changeset List

Path

Size

lib/

libc/

xdr/

7 lines

sys/

xdr/

7 lines

Diff 170262

lib/libc/xdr/xdr.c

Loading...

sys/xdr/xdr.c

Loading...