diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2012-10-11 02:01:08 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2012-10-11 02:06:51 +0200 |
| commit | 493604d52b466fa7d8444582f547b229710f1dd4 (patch) | |
| tree | 2149f686958be299c324035f5817ed832510dd13 | |
| parent | 70055c88b201d761b374196159421a3791ecdcac (diff) | |
| download | eurephia-493604d52b466fa7d8444582f547b229710f1dd4.tar.gz eurephia-493604d52b466fa7d8444582f547b229710f1dd4.tar.xz eurephia-493604d52b466fa7d8444582f547b229710f1dd4.zip | |
eurephia-auth: Fixed a double-free situation with dev-type is not obvious
If OpenVPN is configured with a unkown --dev name and --dev-type is used,
eurephia would in some specific situations double-free a memory region
keeping the dev-type information. GETENV_*() functions returns a pointer
to a buffer which is supposed to be free'd, but pointers returned by
eGet_value() should not be free'd.
And in the error situation if dev-type is not forced or detected, the
memory allocated by GETENV_DEVNAME() was not properly free'd.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
(cherry picked from commit 00bd0ac4cc901004aeaf4548813bb465bce5243f)
| -rw-r--r-- | plugin/eurephia-auth.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/plugin/eurephia-auth.c b/plugin/eurephia-auth.c index 41822d7..97fb38f 100644 --- a/plugin/eurephia-auth.c +++ b/plugin/eurephia-auth.c @@ -135,8 +135,6 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[]) "Unkown openvpn_devtype configuration value: '%s'. " "Will try to auto-detect the type for the %s device.", devtype, devname); - free_nullsafe(ctx, devtype); - } else { ctx->tuntype = tuntype; forced = 1; @@ -151,6 +149,7 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[]) ctx->tuntype = tuntype; goto success; } + free_nullsafe(ctx, devtype); // If no 'dev_type', try to guess the dev-type based on the dev name tuntype = conv_str2tuntype(devname); @@ -165,6 +164,7 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[]) "You need to force the tunnel device type setting the 'openvpn_devtype' " "configuration value.", devname); + free_nullsafe(ctx, devname); return 0; success: @@ -172,7 +172,6 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[]) "OpenVPN device type is %s %s on the %s device.", (forced ? "forced to" : "detected as"), (tuntype == tuntype_TUN ? "TUN" : "TAP"), devname); - free_nullsafe(ctx, devtype); free_nullsafe(ctx, devname); return 1; } |