The following 3 patches are taken verbatim from the upstream git repository and correct memleak issues in both libconnect and bgpd as well as a null- pointer dereference problem.
>From b24b19f719fdd9c3d61a0c93552cd64d832d964c Mon Sep 17 00:00:00 2001 From: Stephen Hemminger <shemmin...@vyatta.com> Date: Tue, 6 Dec 2011 14:09:18 +0400 Subject: [PATCH] lib: fix memory leak on connect() failure
Change sockunion_log() to not use strdup(). This fixes a small memory
leak that occurs on every failed connect(), and is simpler/cleaner.
---
lib/sockunion.c | 23 +++++++++++------------
1 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/lib/sockunion.c b/lib/sockunion.c
index a5382a7..27a7ab0 100644
--- a/lib/sockunion.c
+++ b/lib/sockunion.c
@@ -297,27 +297,24 @@ sockunion_sizeof (union sockunion *su)
}
/* return sockunion structure : this function should be revised. */
-static char *
-sockunion_log (union sockunion *su)
+static const char *
+sockunion_log (union sockunion *su, char *buf, size_t len)
{
- static char buf[SU_ADDRSTRLEN];
-
switch (su->sa.sa_family)
{
case AF_INET:
- snprintf (buf, SU_ADDRSTRLEN, "%s", inet_ntoa (su->sin.sin_addr));
- break;
+ return inet_ntop(AF_INET, &su->sin.sin_addr, buf, len);
+
#ifdef HAVE_IPV6
case AF_INET6:
- snprintf (buf, SU_ADDRSTRLEN, "%s",
- inet_ntop (AF_INET6, &(su->sin6.sin6_addr), buf, SU_ADDRSTRLEN));
+ return inet_ntop(AF_INET6, &(su->sin6.sin6_addr), buf, len);
break;
#endif /* HAVE_IPV6 */
+
default:
- snprintf (buf, SU_ADDRSTRLEN, "af_unknown %d ", su->sa.sa_family);
- break;
+ snprintf (buf, len, "af_unknown %d ", su->sa.sa_family);
+ return buf;
}
- return (XSTRDUP (MTYPE_TMP, buf));
}
/* sockunion_connect returns
@@ -379,8 +376,10 @@ sockunion_connect (int fd, union sockunion *peersu, unsigned short port,
{
if (errno != EINPROGRESS)
{
+ char str[SU_ADDRSTRLEN];
zlog_info ("can't connect to %s fd %d : %s",
- sockunion_log (&su), fd, safe_strerror (errno));
+ sockunion_log (&su, str, sizeof str),
+ fd, safe_strerror (errno));
return connect_error;
}
}
--
1.7.6.4
>From 6a2e0f36b103386e57dbe3a6ee4716e809111198 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <shemmin...@vyatta.com>
Date: Tue, 6 Dec 2011 14:04:12 +0400
Subject: [PATCH] lib: call filter delete hook before freeing access list
The delete_hook was being run after calling access list delete function.
This would cause ospf to dereference a NULL, in ospf_filter_update
because 'access->name' was already freed.
See also:
https://bugzilla.vyatta.com/show_bug.cgi?id=7654
---
lib/filter.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/filter.c b/lib/filter.c
index af8d587..6934182 100644
--- a/lib/filter.c
+++ b/lib/filter.c
@@ -1337,13 +1337,13 @@ DEFUN (no_access_list_all,
master = access->master;
- /* Delete all filter from access-list. */
- access_list_delete (access);
-
/* Run hook function. */
if (master->delete_hook)
(*master->delete_hook) (access);
+ /* Delete all filter from access-list. */
+ access_list_delete (access);
+
return CMD_SUCCESS;
}
@@ -1508,13 +1508,13 @@ DEFUN (no_ipv6_access_list_all,
master = access->master;
- /* Delete all filter from access-list. */
- access_list_delete (access);
-
/* Run hook function. */
if (master->delete_hook)
(*master->delete_hook) (access);
+ /* Delete all filter from access-list. */
+ access_list_delete (access);
+
return CMD_SUCCESS;
}
--
1.7.6.4
>From ce0af6ff5a4f200035ed4134da72a67f49a21dd6 Mon Sep 17 00:00:00 2001
From: "Oleg A. Arkhangelsky" <syso...@yandex.ru>
Date: Sat, 3 Dec 2011 15:18:19 +0400
Subject: [PATCH] bgpd: fix memory leak for extra attributes
this fixes commit b881c7074bb698aeb1b099175b325734fc6e44d2
---
bgpd/bgp_attr.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 29877eb..4e604b1 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -675,6 +675,7 @@ bgp_attr_unintern (struct attr **attr)
}
bgp_attr_unintern_sub (&tmp);
+ bgp_attr_extra_free (&tmp);
}
void
--
1.7.6.4
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
