* [PATCH] rpc.mountd: Fix e_hostname and e_uuid leaks reported in bz1711210
@ 2019-05-23 5:47 Nikhil Kshirsagar
2019-05-23 13:43 ` Steve Dickson
0 siblings, 1 reply; 2+ messages in thread
From: Nikhil Kshirsagar @ 2019-05-23 5:47 UTC (permalink / raw)
To: linux-nfs; +Cc: steved, nkshirsa
strdup of exportent uuid and hostname in getexportent() ends up leaking
memory. Free the memory before getexportent() is called again from xtab_read()
Signed-off-by: Nikhil Kshirsagar <nkshirsa@redhat.com>
---
support/export/xtab.c | 19 ++++++++++++++++++-
support/nfs/exports.c | 15 +++++++++++++--
2 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/support/export/xtab.c b/support/export/xtab.c
index d42eeef..1e1d679 100644
--- a/support/export/xtab.c
+++ b/support/export/xtab.c
@@ -50,6 +50,14 @@ xtab_read(char *xtab, char *lockfn, int is_export)
while ((xp = getexportent(is_export==0, 0)) != NULL) {
if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) &&
!(exp = export_create(xp, is_export!=1))) {
+ if(xp->e_hostname) {
+ free(xp->e_hostname);
+ xp->e_hostname=NULL;
+ }
+ if(xp->e_uuid) {
+ free(xp->e_uuid);
+ xp->e_uuid=NULL;
+ }
continue;
}
switch (is_export) {
@@ -62,7 +70,16 @@ xtab_read(char *xtab, char *lockfn, int is_export)
if ((xp->e_flags & NFSEXP_FSID) && xp->e_fsid == 0)
v4root_needed = 0;
break;
- }
+ }
+ if(xp->e_hostname) {
+ free(xp->e_hostname);
+ xp->e_hostname=NULL;
+ }
+ if(xp->e_uuid) {
+ free(xp->e_uuid);
+ xp->e_uuid=NULL;
+ }
+
}
endexportent();
xfunlock(lockid);
diff --git a/support/nfs/exports.c b/support/nfs/exports.c
index 5f4cb95..a7582ca 100644
--- a/support/nfs/exports.c
+++ b/support/nfs/exports.c
@@ -179,9 +179,20 @@ getexportent(int fromkernel, int fromexports)
}
ee.e_hostname = xstrdup(hostname);
- if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0)
- return NULL;
+ if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) {
+ if(ee.e_hostname)
+ {
+ xfree(ee.e_hostname);
+ ee.e_hostname=NULL;
+ }
+ if(ee.e_uuid)
+ {
+ xfree(ee.e_uuid);
+ ee.e_uuid=NULL;
+ }
+ return NULL;
+ }
/* resolve symlinks */
if (realpath(ee.e_path, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
--
1.8.3.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] rpc.mountd: Fix e_hostname and e_uuid leaks reported in bz1711210
2019-05-23 5:47 [PATCH] rpc.mountd: Fix e_hostname and e_uuid leaks reported in bz1711210 Nikhil Kshirsagar
@ 2019-05-23 13:43 ` Steve Dickson
0 siblings, 0 replies; 2+ messages in thread
From: Steve Dickson @ 2019-05-23 13:43 UTC (permalink / raw)
To: Nikhil Kshirsagar, linux-nfs
On 5/23/19 1:47 AM, Nikhil Kshirsagar wrote:
> strdup of exportent uuid and hostname in getexportent() ends up leaking
> memory. Free the memory before getexportent() is called again from xtab_read()
>
> Signed-off-by: Nikhil Kshirsagar <nkshirsa@redhat.com>
Committed...
steved.
> ---
> support/export/xtab.c | 19 ++++++++++++++++++-
> support/nfs/exports.c | 15 +++++++++++++--
> 2 files changed, 31 insertions(+), 3 deletions(-)
>
> diff --git a/support/export/xtab.c b/support/export/xtab.c
> index d42eeef..1e1d679 100644
> --- a/support/export/xtab.c
> +++ b/support/export/xtab.c
> @@ -50,6 +50,14 @@ xtab_read(char *xtab, char *lockfn, int is_export)
> while ((xp = getexportent(is_export==0, 0)) != NULL) {
> if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) &&
> !(exp = export_create(xp, is_export!=1))) {
> + if(xp->e_hostname) {
> + free(xp->e_hostname);
> + xp->e_hostname=NULL;
> + }
> + if(xp->e_uuid) {
> + free(xp->e_uuid);
> + xp->e_uuid=NULL;
> + }
> continue;
> }
> switch (is_export) {
> @@ -62,7 +70,16 @@ xtab_read(char *xtab, char *lockfn, int is_export)
> if ((xp->e_flags & NFSEXP_FSID) && xp->e_fsid == 0)
> v4root_needed = 0;
> break;
> - }
> + }
> + if(xp->e_hostname) {
> + free(xp->e_hostname);
> + xp->e_hostname=NULL;
> + }
> + if(xp->e_uuid) {
> + free(xp->e_uuid);
> + xp->e_uuid=NULL;
> + }
> +
> }
> endexportent();
> xfunlock(lockid);
> diff --git a/support/nfs/exports.c b/support/nfs/exports.c
> index 5f4cb95..a7582ca 100644
> --- a/support/nfs/exports.c
> +++ b/support/nfs/exports.c
> @@ -179,9 +179,20 @@ getexportent(int fromkernel, int fromexports)
> }
> ee.e_hostname = xstrdup(hostname);
>
> - if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0)
> - return NULL;
> + if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) {
> + if(ee.e_hostname)
> + {
> + xfree(ee.e_hostname);
> + ee.e_hostname=NULL;
> + }
> + if(ee.e_uuid)
> + {
> + xfree(ee.e_uuid);
> + ee.e_uuid=NULL;
> + }
>
> + return NULL;
> + }
> /* resolve symlinks */
> if (realpath(ee.e_path, rpath) != NULL) {
> rpath[sizeof (rpath) - 1] = '\0';
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-05-23 13:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-23 5:47 [PATCH] rpc.mountd: Fix e_hostname and e_uuid leaks reported in bz1711210 Nikhil Kshirsagar
2019-05-23 13:43 ` Steve Dickson
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.