c5187b0dbf
- fix uri list locking (again).
- check for stale SASL credentials upon connect fail.
- add "forcestart" and "forcerestart" init script options to allow use of
5.0.3 strartup behavior if required.
- always read entire file map into cache to speed lookups.
- make MAX_ERR_BUF and PARSE_MAX_BUF use easier to audit.
- make some easy alloca replacements.
- update to configure libtirpc if present.
- update to provide ipv6 name and address support.
- update to provide ipv6 address parsing.
53 lines
1.3 KiB
Diff
53 lines
1.3 KiB
Diff
autofs-5.0.4 - fix hosts map use after free
|
|
|
|
From: Ian Kent <raven@themaw.net>
|
|
|
|
This patch fixed use a map entry after it has been freed in the
|
|
hosts map lookup module.
|
|
---
|
|
|
|
CHANGELOG | 1 +
|
|
modules/lookup_hosts.c | 8 +++++---
|
|
2 files changed, 6 insertions(+), 3 deletions(-)
|
|
|
|
|
|
diff --git a/CHANGELOG b/CHANGELOG
|
|
index eb4a189..3199e4d 100644
|
|
--- a/CHANGELOG
|
|
+++ b/CHANGELOG
|
|
@@ -9,6 +9,7 @@
|
|
Valerie Aurora Henson).
|
|
- clear the quoted flag after each character from program map input.
|
|
- use CLOEXEC flag for setmntent also.
|
|
+- fix hosts map use after free.
|
|
|
|
4/11/2008 autofs-5.0.4
|
|
-----------------------
|
|
diff --git a/modules/lookup_hosts.c b/modules/lookup_hosts.c
|
|
index 93b975a..d3ae0e2 100644
|
|
--- a/modules/lookup_hosts.c
|
|
+++ b/modules/lookup_hosts.c
|
|
@@ -138,17 +138,19 @@ int lookup_mount(struct autofs_point *ap, const char *name, int name_len, void *
|
|
/* Check if we recorded a mount fail for this key anywhere */
|
|
me = lookup_source_mapent(ap, name, LKP_DISTINCT);
|
|
if (me) {
|
|
+ struct mapent_cache *fmc = me->mc;
|
|
+
|
|
if (me->status >= time(NULL)) {
|
|
- cache_unlock(me->mc);
|
|
+ cache_unlock(fmc);
|
|
return NSS_STATUS_NOTFOUND;
|
|
}
|
|
|
|
if (!me->mapent) {
|
|
- cache_delete(me->mc, name);
|
|
+ cache_delete(fmc, name);
|
|
me = NULL;
|
|
}
|
|
|
|
- cache_unlock(me->mc);
|
|
+ cache_unlock(fmc);
|
|
}
|
|
|
|
cache_readlock(mc);
|