[syslog-ng] [PATCH 4/7] [affile]: Fix a possible double free
Balazs Scheidler
bazsi at balabit.hu
Sat May 28 14:21:00 CEST 2011
Hi,
On Mon, 2011-05-23 at 11:56 +0200, Gergely Nagy wrote:
> From: Juhasz Viktor <jviktor at balabit.hu>
>
> Duplicate the filename we insert into self->writer_hash, because
> otherwise, we're likely to end up trying to free it twice.
>
> Signed-off-by: Viktor Juhasz <jviktor at balabit.hu>
> ---
> modules/affile/affile.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/modules/affile/affile.c b/modules/affile/affile.c
> index c5e89f5..f6c70e9 100644
> --- a/modules/affile/affile.c
> +++ b/modules/affile/affile.c
> @@ -1046,7 +1046,7 @@ affile_dd_open_writer(gpointer args[])
> {
> log_pipe_ref(&next->super);
> g_static_mutex_lock(&self->lock);
> - g_hash_table_insert(self->writer_hash, filename->str, next);
> + g_hash_table_insert(self->writer_hash, strdup(filename->str), next);
> g_static_mutex_unlock(&self->lock);
> }
> }
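
Review bot: on the added g_hash_table_insert() line, the strdup() copy of
filename->str becomes a key that the table itself has to own, but nothing in
this hunk shows writer_hash having a key destroy function. Without one the
copy is never freed, and an insert for a filename that is already present
leaks the new copy as well. Please confirm that the table is created with
g_hash_table_new_full() and g_free as the key destroy notify, and use
g_strdup() instead of strdup() so the allocation matches g_free(); strdup()
can also return NULL, which is not checked here.
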
I don't understand. The writer_hash hashtable contains a borrowed key,
nothing frees it there. Isn't it possible that the last patch (which
changed AFFileDestWriter->filename allocation) fixed this issue too?
And even if the strdup was necessary, g_strdup() should have been used,
as the g_malloc() style allocations may not map directly to malloc() on
some platforms.
--
Bazsi