[syslog-ng] [PATCH (3.4)] affile: Fix NULL dereference when opening the destination fails.
Gergely Nagy
algernon at balabit.hu
Fri Jun 24 00:36:22 CEST 2011
Gergely Nagy <algernon at balabit.hu> writes:
> Viktor Tusa discovered an error in the affile destination driver: if
> opening the destination failed (for example, due to insufficient
> permissions), next was set to NULL, and later on, at the end of
> affile_dd_open_writer() tried to dereferrence it.
>
> A simple workaround is to return NULL in case next is NULL.
>
> Reported-by: Viktor Tusa <tusa at balabit.hu>
> Signed-off-by: Gergely Nagy <algernon at balabit.hu>
Apparently, this was corrected in 3.3:
commit 33de4c3b4de40493544cee3cf3de8bd0e4d76d34
Author: Balazs Scheidler <bazsi at balabit.hu>
Date: Sun Jun 12 10:38:18 2011 +0200
[affile] fixed a reference counting problemin the file-open code
A reference was leaked whenever the same file got opened from multiple
threads at about the same time, causing use-after-free problems.
This patch also fixes a possible NULL deref that could happen if the writer
couldn't be initialized.
Signed-off-by: Viktor Juhasz <jviktor at balabit.hu>
Signed-off-by: Balazs Scheidler <bazsi at balabit.hu>
--
|8]
More information about the syslog-ng
mailing list