Re: New autofs in sid, please push to testing
On Thu, May 12, 2005 at 09:41:52PM -0700, Steve Langasek wrote:
>> I've uploaded autofs 4.1.3+4.1.4beta2-8 to sid, which fixes (to the best of
>> my knowledge -- I can't reproduce the problems myself) two important bugs,
>> and contains no other changes. vorlon promised me a freeze exception for the
>> upload, so letting it through to sarge would be nice :-) Thanks.
> Hmm, memory leak:
>
> [...]
>
> ++int is_local_mount(const char *hostpath)
> ++{
>
> [...]
>
> Memory is allocated for hostname on every call, and never freed.
I've fixed this in 4.1.3+4.1.4beta2-10 (just uploaded); it's a simple fix
(free(hostname) added three or four places -- it's being used in printf()s
etc. in various code branches, so I can't just free it once).
> The get_best_mount function worries me, as it's writing to a caller-provided
> pointer (char *what) with no bounds checking. This appears to be the
> intended *use* of the pointer, so this isn't a blocking issue, it's just
> something that ought to be cleaned up at some point (including making sure
> there's no exploitable buffer overflow here when using things like LDAP or
> Hesiod maps).
Cc-ing the autofs list :-)
/* Steinar */
--
Homepage: http://www.sesse.net/
Reply to: