summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog9
-rw-r--r--runtime/net.c29
2 files changed, 38 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 4ae6f982..d086ea2a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
- doc bugfix: v3-compatiblity document had typo in config directive
thanks to Andrej for reporting this
+- fixed a potential segfault condition with $AllowedSender directive
+ On HUP, the root pointers were not properly cleaned up. Thanks to
+ Michael Biebel, olgoat, and Juha Koho for reporting and analyzing
+ the bug.
---------------------------------------------------------------------------
Version 3.20.2 [v3-stable] (rgerhards), 2008-12-04
- re-release of 3.20.1 with an additional fix, that could also lead
@@ -209,6 +213,11 @@ Version 3.19.0 (rgerhards), 2008-05-06
for the patch
---------------------------------------------------------------------------
Version 3.18.7 (rgerhards), 2008-12-??
+=======
+- fixed a potential segfault condition with $AllowedSender directive
+ On HUP, the root pointers were not properly cleaned up. Thanks to
+ Michael Biebel, olgoat, and Juha Koho for reporting and analyzing
+ the bug.
- some legacy options were not correctly processed.
Thanks to varmojfekoj for the patch.
- doc bugfix: some spelling errors in man pages corrected. Thanks to
diff --git a/runtime/net.c b/runtime/net.c
index ac13597c..c5fa771e 100644
--- a/runtime/net.c
+++ b/runtime/net.c
@@ -116,6 +116,30 @@ setAllowRoot(struct AllowedSenders **ppAllowRoot, uchar *pszType)
finalize_it:
RETiRet;
}
+/* re-initializes (sets to NULL) the correct allow root pointer
+ * rgerhards, 2009-01-12
+ */
+static inline rsRetVal
+reinitAllowRoot(uchar *pszType)
+{
+ DEFiRet;
+
+ if(!strcmp((char*)pszType, "UDP"))
+ pAllowedSenders_UDP = NULL;
+ else if(!strcmp((char*)pszType, "TCP"))
+ pAllowedSenders_TCP = NULL;
+#ifdef USE_GSSAPI
+ else if(!strcmp((char*)pszType, "GSS"))
+ pAllowedSenders_GSS = NULL;
+#endif
+ else {
+ dbgprintf("program error: invalid allowed sender ID '%s', denying...\n", pszType);
+ ABORT_FINALIZE(RS_RET_CODE_ERR); /* everything is invalid for an invalid type */
+ }
+
+finalize_it:
+ RETiRet;
+}
/* add a wildcard entry to this permitted peer. Entries are always
@@ -556,6 +580,11 @@ clearAllowedSenders(uchar *pszType)
free(pPrev->allowedSender.addr.NetAddr);
free(pPrev);
}
+
+ /* indicate root pointer is de-init (was forgotten previously, resulting in
+ * all kinds of interesting things) -- rgerhards, 2009-01-12
+ */
+ reinitAllowRoot(pszType);
}