Minor memory leak in DHCP server config file parsing

To: dhcp-bugs@isc.org
Cc: debian-edu@lists.debian.org
Subject: Minor memory leak in DHCP server config file parsing
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sun, 03 Jan 2010 10:51:16 +0100
Message-id: <2fliqbjikiz.fsf@login2.uio.no>

I discovered this leak while running
'valgrind --leak-check=full /usr/sbin/dhcpd3 eth0 eth1 -d' and
stopping right after the config file was parsed.

The values returned from parse_host_name() need to be free()ed, but
this is not done in parse_option_token().  This patch make sure the
returned values are released.  Fixing it make it easier to find other
and more important memory leaks in dhcpd.

I came across this while trying to locate and fix memory leaks in the
LDAP patch for dhcpd used by Debian Edu, and thought you might be
interested in fixing this issue in the main distribution. :)

--- dhcp3-3.1.1.orig/common/parse.c
+++ dhcp3-3.1.1/common/parse.c
@@ -4760,6 +4760,7 @@
 	int lookups;
 {
 	const char *val;
+	const char *freemem = NULL;
 	enum dhcp_token token;
 	struct expression *t = (struct expression *)0;
 	unsigned char buf [4];
@@ -4836,6 +4837,7 @@
 
 	      case 'd': /* Domain name... */
 		val = parse_host_name (cfile);
+		freemem = val;
 		if (!val) {
 			parse_warn (cfile, "not a valid domain name.");
 			skip_to_semi (cfile);
@@ -4858,6 +4860,7 @@
 		if (!make_const_data (&t, (const unsigned char *)val,
 				      len, 1, 1, MDL))
 			log_fatal ("No memory for concatenation");
+		if (freemem) { free(freemem); freemem = NULL; }
 		break;
 		
 	      case 'N':

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Prev by Date: Most popular invalid top level DNS domains
Next by Date: debian to debian-edu, fai
Previous by thread: Most popular invalid top level DNS domains
Next by thread: debian to debian-edu, fai
Index(es):
- Date
- Thread