svn commit: r301790 - stable/9/usr.sbin/route6d
Garrett Cooper
ngie at FreeBSD.org
Fri Jun 10 14:42:38 UTC 2016
Author: ngie
Date: Fri Jun 10 14:42:36 2016
New Revision: 301790
URL: https://svnweb.freebsd.org/changeset/base/301790
Log:
MFstable/10 r301789:
MFC r299491:
r299491 (by cem):
route6d(8): Fix potential double-free
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly. It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.
CID: 272537
Modified:
stable/9/usr.sbin/route6d/route6d.c
Directory Properties:
stable/9/ (props changed)
stable/9/usr.sbin/ (props changed)
stable/9/usr.sbin/route6d/ (props changed)
Modified: stable/9/usr.sbin/route6d/route6d.c
==============================================================================
--- stable/9/usr.sbin/route6d/route6d.c Fri Jun 10 14:40:41 2016 (r301789)
+++ stable/9/usr.sbin/route6d/route6d.c Fri Jun 10 14:42:36 2016 (r301790)
@@ -2646,8 +2646,10 @@ krtread(int again)
sleep(1);
retry++;
errmsg = NULL;
- if (buf)
+ if (buf) {
free(buf);
+ buf = NULL;
+ }
if (sysctl(mib, 6, NULL, &msize, NULL, 0) < 0) {
errmsg = "sysctl estimate";
continue;
More information about the svn-src-stable-9
mailing list