Bugzilla – Attachment 1379 Details for
Bug 1377
getpwuid called twice without pwcopy (percent_expand: NULL replacement)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
free passwd struct after dup
pwdup.diff (text/plain), 1.98 KB, created by
Damien Miller
on 2007-11-03 11:37:55 AEDT
(
hide
)
Description:
free passwd struct after dup
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2007-11-03 11:37:55 AEDT
Size:
1.98 KB
patch
obsolete
>Index: ssh.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh.c,v >retrieving revision 1.305 >diff -u -p -r1.305 ssh.c >--- ssh.c 29 Oct 2007 06:54:50 -0000 1.305 >+++ ssh.c 3 Nov 2007 00:32:14 -0000 >@@ -1239,6 +1239,7 @@ load_public_identity_files(void) > #endif /* SMARTCARD */ > if ((pw = getpwuid(original_real_uid)) == NULL) > fatal("load_public_identity_files: getpwuid failed"); >+ pw = pwcopy(pw); > if (gethostname(thishost, sizeof(thishost)) == -1) > fatal("load_public_identity_files: gethostname: %s", > strerror(errno)); >@@ -1256,6 +1257,7 @@ load_public_identity_files(void) > options.identity_files[i] = filename; > options.identity_keys[i] = public; > } >+ pwfree(pw); > } > > static void >Index: misc.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.c,v >retrieving revision 1.65 >diff -u -p -r1.65 misc.c >--- misc.c 23 Nov 2006 01:35:11 -0000 1.65 >+++ misc.c 3 Nov 2007 00:32:14 -0000 >@@ -197,6 +197,28 @@ pwcopy(struct passwd *pw) > return copy; > } > >+void >+pwfree(struct passwd *pw) >+{ >+#define PW_CLEAR_FREE(f) \ >+ do { \ >+ if (pw->f != NULL) { \ >+ bzero(pw->f, strlen(pw->f)); \ >+ xfree(pw->f); \ >+ } \ >+ } while (0) >+ >+ PW_CLEAR_FREE(pw_name); >+ PW_CLEAR_FREE(pw_passwd); >+ PW_CLEAR_FREE(pw_gecos); >+ PW_CLEAR_FREE(pw_class); >+ PW_CLEAR_FREE(pw_dir); >+ PW_CLEAR_FREE(pw_shell); >+ bzero(pw, sizeof(*pw)); >+ xfree(pw); >+#undef PW_CLEAR_FREE >+} >+ > /* > * Convert ASCII string to TCP/IP port number. > * Port must be >0 and <=65535. >Index: misc.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.h,v >retrieving revision 1.36 >diff -u -p -r1.36 misc.h >--- misc.h 18 Aug 2006 10:27:16 -0000 1.36 >+++ misc.h 3 Nov 2007 00:32:14 -0000 >@@ -35,6 +35,7 @@ char *tohex(const void *, size_t); > void sanitise_stdfd(void); > > struct passwd *pwcopy(struct passwd *); >+void pwfree(struct passwd *); > > typedef struct arglist arglist; > struct arglist {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1379">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1377
:
1364
| 1379