Avoid read of free()d memory
Alex Kiernan
alexk at demon.net
Wed Feb 14 10:42:53 UTC 2001
On solaris at least, this was causing a read of free()d memory inside
putenv:
Index: lib/getconfig.c
===================================================================
RCS file: /upstream-repositories/inn-cvs.isc.org/inn/lib/getconfig.c,v
retrieving revision 1.83
diff -u -r1.83 getconfig.c
--- lib/getconfig.c 2001/02/07 08:41:40 1.83
+++ lib/getconfig.c 2001/02/14 10:37:18
@@ -326,6 +326,7 @@
CheckInnConf(void)
{
static char *tmpdir = NULL;
+ char *oldtmpdir;
static unsigned int dirlen = 0;
if (GetFQDN(innconf->domain) == NULL) {
@@ -402,12 +403,11 @@
/* Set the TMPDIR variable unconditionally and globally */
if (8 + strlen(innconf->pathtmp) > dirlen)
dirlen = 8 + strlen(innconf->pathtmp);
- if (tmpdir == NULL)
- tmpdir = NEW(char, dirlen);
- else
- RENEW(tmpdir, char, dirlen);
+ oldtmpdir = tmpdir;
+ tmpdir = NEW(char, dirlen);
sprintf(tmpdir, "TMPDIR=%s", innconf->pathtmp);
putenv(tmpdir);
+ free(oldtmpdir);
/* tmpdir should not be freed for some OS */
if (innconf->enableoverview && innconf->ovmethod == NULL) {
syslog(L_FATAL, "'ovmethod' must be defined in inn.conf if enableoverview is true");
--
Alex Kiernan, Principal Engineer, Development, Thus PLC
More information about the inn-patches
mailing list