[Dnsmasq-discuss] [PATCH] Fix segfault when file extension is not passed in --conf-dir

Tomas Hozza thozza at redhat.com
Thu Oct 2 15:03:36 BST 2014


Hello.

while testing dnsmasq 2.72 I discovered it can fail with segfault.

Reproducer:
./dnsmasq --conf-dir=.,

I'm attaching a patch.

Also I scanned the 2.72 version against 2.71 version with coverity.

It looks good except one issue I'm not sure if it is worth fixing:
Error: RESOURCE_LEAK (CWE-772):
dnsmasq-2.72/src/option.c:1477: alloc_fn: Storage is returned from allocation
function "opt_malloc(size_t)".
dnsmasq-2.72/src/option.c:512:7: alloc_fn: Storage is returned from allocation
function "whine_malloc(size_t)".
dnsmasq-2.72/src/util.c:258:13: alloc_fn: Storage is returned from allocation
function "malloc(size_t)".
dnsmasq-2.72/src/util.c:258:13: var_assign: Assigning: "ret" = "malloc(size)".
dnsmasq-2.72/src/util.c:263:3: return_alloc: Returning allocated memory "ret".
dnsmasq-2.72/src/option.c:512:7: var_assign: Assigning: "ret" =
"whine_malloc(size)".
dnsmasq-2.72/src/option.c:519:3: return_alloc: Returning allocated memory "ret".
dnsmasq-2.72/src/option.c:1477: var_assign: Assigning: "li" = storage returned
from "opt_malloc(16UL)".
dnsmasq-2.72/src/option.c:1481: var_assign: Assigning: "match_suffix" = "li".
dnsmasq-2.72/src/option.c:1559: leaked_storage: Variable "match_suffix" going
out of scope leaks the storage it points to.
dnsmasq-2.72/src/option.c:1559: leaked_storage: Variable "li" going out of scope
leaks the storage it points to.

>From the source it looks like the match_suffix is never freed,
while the ignore_suffix is freed.


Regards,
-- 
Tomas Hozza
Software Engineer - EMEA ENG Developer Experience

PGP: 1D9F3C2D
Red Hat Inc.                               http://cz.redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-segfault-when-file-extension-is-not-passed-in-co.patch
Type: text/x-patch
Size: 822 bytes
Desc: not available
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20141002/243c67be/attachment.bin>


More information about the Dnsmasq-discuss mailing list