From 89956417b40508d375254309715010722e32d72b Mon Sep 17 00:00:00 2001 From: Henning Brauer Date: Sat, 6 Mar 2004 21:41:45 +0000 Subject: plug a memory leak in the lexer. the issue is this code fragement from yylex(): . token = lookup(buf); . yylval.v.string = strdup(buf); . if (yylval.v.string == NULL) . fatal("yylex: strdup"); . return (token); lookup() tries to match buf against a list of keywords, and returns the associated token if it has a match, or the token STRING otherwise. STRING is the only token that needs (and free()s) yylval.v.string. however, we assigned memory for it with the strdup in yylex for each and every token. the fix is obviously only setting yylval.v.string when lookup() returns STRING. Patrick Latifi noticed that something was leaking with token handling, analysis and fix by me. ok deraadt@ --- usr.sbin/bgpd/parse.y | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y index 143e1e4f8fa..31adefd60dd 100644 --- a/usr.sbin/bgpd/parse.y +++ b/usr.sbin/bgpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.70 2004/03/05 21:52:45 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.71 2004/03/06 21:41:44 henning Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer @@ -977,10 +977,9 @@ top: } while ((c = lgetc(fin)) != EOF && (allowed_in_string(c))); lungetc(c); *p = '\0'; - token = lookup(buf); - yylval.v.string = strdup(buf); - if (yylval.v.string == NULL) - fatal("yylex: strdup"); + if ((token = lookup(buf)) == STRING) + if ((yylval.v.string = strdup(buf)) == NULL) + fatal("yylex: strdup"); return (token); } if (c == '\n') { -- cgit v1.2.3