diff options
| author | Guy Harris <guy@alum.mit.edu> | 2018-10-17 00:59:40 -0700 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2018-10-17 00:59:40 -0700 |
| commit | bcbef226ca11662342b5e267e7f12066bcfd60d0 (patch) | |
| tree | a5d4f2473df643590eed03b4e9e0eee99da0a588 /gencode.h | |
| parent | db833b997d9d825a4bb0e78804d85552b38a562a (diff) | |
Plug some memory leaks.
For ARCNET and MAC addresses, don't convert them to binary until we get
to gen_acode() and gen_ecode(); instead, just save the string in a buffe
that's allocated in a way that gets cleaned up when the parser finishes,
the same way we do for some other string tokens. Otherwise, if the
parser fails before we get to free it, it gets leaked; that was
happening.
Save the generated binary address in the parser state until we're done
with it, so that, if a call that uses the parser state calls
bpf_error(), the generated binary address gets freed.
Credit to OSS-Fuzz for finding this issue.
Diffstat (limited to 'gencode.h')
| -rw-r--r-- | gencode.h | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -297,8 +297,8 @@ void gen_or(struct block *, struct block *); void gen_not(struct block *); struct block *gen_scode(compiler_state_t *, const char *, struct qual); -struct block *gen_ecode(compiler_state_t *, const u_char *, struct qual); -struct block *gen_acode(compiler_state_t *, const u_char *, struct qual); +struct block *gen_ecode(compiler_state_t *, const char *, struct qual); +struct block *gen_acode(compiler_state_t *, const char *, struct qual); struct block *gen_mcode(compiler_state_t *, const char *, const char *, unsigned int, struct qual); #ifdef INET6 |