From 1c09eab703de18430241a11abec0526512d851b9 Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller Date: Tue, 28 Nov 2017 21:18:48 +0100 Subject: Loop.cpp: fix two memleaks --- nxcomp/src/Loop.cpp | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'nxcomp/src/Loop.cpp') diff --git a/nxcomp/src/Loop.cpp b/nxcomp/src/Loop.cpp index b51d7e7e3..ca9e5ed08 100644 --- a/nxcomp/src/Loop.cpp +++ b/nxcomp/src/Loop.cpp @@ -4278,15 +4278,20 @@ int ListenConnectionTCP(const char *host, long port, const char *label) int ListenConnection(ChannelEndPoint &endpoint, const char *label) { - char *unixPath, *host; + char *unixPath = NULL, *host = NULL; long port; + int result = -1; if (endpoint.getUnixPath(&unixPath)) { - return ListenConnectionUnix(unixPath, label); + result = ListenConnectionUnix(unixPath, label); } else if (endpoint.getTCPHostAndPort(&host, &port)) { - return ListenConnectionTCP(host, port, label); + result = ListenConnectionTCP(host, port, label); } - return -1; + free(unixPath); + unixPath = NULL; + free(host); + host = NULL; + return result; } static int AcceptConnection(int fd, int domain, const char *label) @@ -6739,10 +6744,20 @@ int ConnectToRemote(ChannelEndPoint &socketAddress) } } + free(unixPath); + unixPath = NULL; + free(hostName); + hostName = NULL; + return pFD; ConnectToRemoteError: + free(unixPath); + unixPath = NULL; + free(hostName); + hostName = NULL; + if (pFD != -1) { close(pFD); -- cgit v1.2.3 From 4dbee3a3f13657577f283bca22b281d7273c19e5 Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller Date: Thu, 7 Dec 2017 22:35:59 +0100 Subject: nxcomp: use new macro SAFE_FREE(ptr) Should be used instead of free() calls and will clear the pointer after calling free(). This can prevent double-free or use-after-free errors. --- nxcomp/src/Loop.cpp | 33 +++++++++++++-------------------- 1 file changed, 13 insertions(+), 20 deletions(-) (limited to 'nxcomp/src/Loop.cpp') diff --git a/nxcomp/src/Loop.cpp b/nxcomp/src/Loop.cpp index ca9e5ed08..baad17699 100644 --- a/nxcomp/src/Loop.cpp +++ b/nxcomp/src/Loop.cpp @@ -3187,8 +3187,7 @@ int SetupProxyConnection() nxinfo << "Loop: listenSocket is "<< ( listenSocket.enabled() ? "enabled" : "disabled") << ". " << "The socket URI is '"<< ( socketUri != NULL ? socketUri : "") << "'.\n" << std::flush; - free(socketUri); - socketUri = NULL; + SAFE_FREE(socketUri); if (WE_INITIATE_CONNECTION) { @@ -3196,7 +3195,7 @@ int SetupProxyConnection() { nxinfo << "Loop: Going to connect to '" << socketUri << "'.\n" << std::flush; - free(socketUri); + SAFE_FREE(socketUri); proxyFD = ConnectToRemote(connectSocket); @@ -3219,7 +3218,7 @@ int SetupProxyConnection() { nxinfo << "Loop: Going to wait for connection at '" << socketUri << "'.\n" << std::flush; - free(socketUri); + SAFE_FREE(socketUri); proxyFD = WaitForRemote(listenSocket); @@ -4287,10 +4286,8 @@ int ListenConnection(ChannelEndPoint &endpoint, const char *label) else if (endpoint.getTCPHostAndPort(&host, &port)) { result = ListenConnectionTCP(host, port, label); } - free(unixPath); - unixPath = NULL; - free(host); - host = NULL; + SAFE_FREE(unixPath); + SAFE_FREE(host); return result; } @@ -6222,7 +6219,7 @@ int WaitForRemote(ChannelEndPoint &socketAddress) cerr << "Info" << ": Waiting for connection from " << hostLabel << " on socket '" << socketUri << "'.\n"; - free(socketUri); + SAFE_FREE(socketUri); // // How many times to loop waiting for connections @@ -6311,7 +6308,7 @@ int WaitForRemote(ChannelEndPoint &socketAddress) cerr << "Info" << ": Accepted connection from this host on Unix file socket '" << unixPath << "'.\n"; - free(unixPath); + SAFE_FREE(unixPath); break; } @@ -6744,19 +6741,15 @@ int ConnectToRemote(ChannelEndPoint &socketAddress) } } - free(unixPath); - unixPath = NULL; - free(hostName); - hostName = NULL; + SAFE_FREE(unixPath); + SAFE_FREE(hostName); return pFD; ConnectToRemoteError: - free(unixPath); - unixPath = NULL; - free(hostName); - hostName = NULL; + SAFE_FREE(unixPath); + SAFE_FREE(hostName); if (pFD != -1) { @@ -7953,7 +7946,7 @@ int ParseEnvironmentOptions(const char *env, int force) cerr << "Error" << ": Refusing 'listen' parameter with 'connect' being '" << socketUri << "'.\n"; - free(socketUri); + SAFE_FREE(socketUri); return -1; } @@ -7981,7 +7974,7 @@ int ParseEnvironmentOptions(const char *env, int force) cerr << "Error" << ": Refusing 'accept' parameter with 'connect' being '" << socketUri << "'.\n"; - free(socketUri); + SAFE_FREE(socketUri); return -1; } -- cgit v1.2.3