diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2004-03-06 21:49:26 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2004-03-06 21:49:26 +0000 |
| commit | 0056c3cd636c501cd8f6bf4df02ae57ec106a909 (patch) | |
| tree | 5e889961fd8164793f824420e1f98b310c5d930e /sbin/pfctl/parse.y | |
| parent | 6af7521cd032d3b6e95e7fae48af84175f8ba75c (diff) | |
from bgpd:
plug a memory leak in the lexer.
the issue is this code fragement from yylex():
. token = lookup(buf);
. yylval.v.string = strdup(buf);
. if (yylval.v.string == NULL)
. err(1, "yylex: strdup");
. return (token);
lookup() tries to match buf against a list of keywords, and returns the
associated token if it has a match, or the token STRING otherwise.
STRING is the only token that needs (and free()s) yylval.v.string. however,
we assigned memory for it with the strdup in yylex for each and every token.
the fix is obviously only setting yylval.v.string when lookup() returns STRING.
Patrick Latifi noticed that something was leaking with token handling,
analysis and fix by me.
ok deraadt@
Diffstat (limited to 'sbin/pfctl/parse.y')
| -rw-r--r-- | sbin/pfctl/parse.y | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 1bf0f7618a3..661899d8452 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.445 2004/03/01 17:40:54 dhartmei Exp $ */ +/* $OpenBSD: parse.y,v 1.446 2004/03/06 21:49:25 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -4478,10 +4478,9 @@ top: } while ((c = lgetc(fin)) != EOF && (allowed_in_string(c))); lungetc(c); *p = '\0'; - token = lookup(buf); - yylval.v.string = strdup(buf); - if (yylval.v.string == NULL) - err(1, "yylex: strdup"); + if ((token = lookup(buf)) == STRING) + if ((yylval.v.string = strdup(buf)) == NULL) + err(1, "yylex: strdup"); return (token); } if (c == '\n') { |