svn commit: r251958 - head/contrib/bmake
Simon J. Gerraty
sjg at FreeBSD.org
Tue Jun 18 19:35:52 UTC 2013
Author: sjg
Date: Tue Jun 18 19:35:51 2013
New Revision: 251958
URL: http://svnweb.freebsd.org/changeset/base/251958
Log:
Fix use after free bug.
Parse_SetInput:
curFile->fname was using the buffer passed to it - which ReadMakefile frees.
This change makes the comment in ParseEOF about leaking curFile->fname true.
Modified:
head/contrib/bmake/parse.c
Modified: head/contrib/bmake/parse.c
==============================================================================
--- head/contrib/bmake/parse.c Tue Jun 18 19:03:27 2013 (r251957)
+++ head/contrib/bmake/parse.c Tue Jun 18 19:35:51 2013 (r251958)
@@ -157,7 +157,7 @@ __RCSID("$NetBSD: parse.c,v 1.188 2013/0
* Structure for a file being read ("included file")
*/
typedef struct IFile {
- const char *fname; /* name of file */
+ char *fname; /* name of file */
int lineno; /* current line number in file */
int first_lineno; /* line number of start of text */
int cond_depth; /* 'if' nesting when file opened */
@@ -2344,7 +2344,7 @@ Parse_SetInput(const char *name, int lin
* name of the include file so error messages refer to the right
* place.
*/
- curFile->fname = name;
+ curFile->fname = bmake_strdup(name);
curFile->lineno = line;
curFile->first_lineno = line;
curFile->nextbuf = nextbuf;
@@ -2357,6 +2357,8 @@ Parse_SetInput(const char *name, int lin
buf = curFile->nextbuf(curFile->nextbuf_arg, &len);
if (buf == NULL) {
/* Was all a waste of time ... */
+ if (curFile->fname)
+ free(curFile->fname);
free(curFile);
return;
}
More information about the svn-src-head
mailing list