[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Minor memory leak in DHCP server config file parsing

I discovered this leak while running
'valgrind --leak-check=full /usr/sbin/dhcpd3 eth0 eth1 -d' and
stopping right after the config file was parsed.

The values returned from parse_host_name() need to be free()ed, but
this is not done in parse_option_token().  This patch make sure the
returned values are released.  Fixing it make it easier to find other
and more important memory leaks in dhcpd.

I came across this while trying to locate and fix memory leaks in the
LDAP patch for dhcpd used by Debian Edu, and thought you might be
interested in fixing this issue in the main distribution. :)

--- dhcp3-3.1.1.orig/common/parse.c
+++ dhcp3-3.1.1/common/parse.c
@@ -4760,6 +4760,7 @@
 	int lookups;
 	const char *val;
+	const char *freemem = NULL;
 	enum dhcp_token token;
 	struct expression *t = (struct expression *)0;
 	unsigned char buf [4];
@@ -4836,6 +4837,7 @@
 	      case 'd': /* Domain name... */
 		val = parse_host_name (cfile);
+		freemem = val;
 		if (!val) {
 			parse_warn (cfile, "not a valid domain name.");
 			skip_to_semi (cfile);
@@ -4858,6 +4860,7 @@
 		if (!make_const_data (&t, (const unsigned char *)val,
 				      len, 1, 1, MDL))
 			log_fatal ("No memory for concatenation");
+		if (freemem) { free(freemem); freemem = NULL; }
 	      case 'N':

Happy hacking,
Petter Reinholdtsen

Reply to: