cvs commit: src/bin/setfacl setfacl.c
Edward Tomasz Napierala
trasz at FreeBSD.org
Sat Sep 6 13:17:52 UTC 2008
trasz 2008-09-06 13:17:35 UTC
FreeBSD src repository
Modified files:
bin/setfacl setfacl.c
Log:
SVN rev 182813 on 2008-09-06 13:17:35Z by trasz
Fix double free in setfacl(1). Description from the author:
Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.
Submitted by: Pedro Martelletto <pedro at ambientworks.net>
Approved by: rwatson (mentor)
Revision Changes Path
1.14 +6 -4 src/bin/setfacl/setfacl.c
More information about the cvs-src
mailing list