83 lines
2.1 KiB
Diff
83 lines
2.1 KiB
Diff
autofs-5.1.0 - fix FILE pointer check in defaults_read_config()
|
|
|
|
From: Ian Kent <raven@themaw.net>
|
|
|
|
Fix possible use after free usage of FILE pointer in defaults_read_config().
|
|
---
|
|
CHANGELOG | 1 +
|
|
lib/defaults.c | 15 +++++++--------
|
|
2 files changed, 8 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/CHANGELOG b/CHANGELOG
|
|
index 21c3ecd..d978529 100644
|
|
--- a/CHANGELOG
|
|
+++ b/CHANGELOG
|
|
@@ -7,6 +7,7 @@
|
|
- fix race accessing qdn in get_query_dn().
|
|
- fix leak in cache_push_mapent().
|
|
- fix config entry read buffer not checked.
|
|
+- fix FILE pointer check in defaults_read_config().
|
|
|
|
04/06/2014 autofs-5.1.0
|
|
=======================
|
|
diff --git a/lib/defaults.c b/lib/defaults.c
|
|
index a83dcee..1c3df56 100644
|
|
--- a/lib/defaults.c
|
|
+++ b/lib/defaults.c
|
|
@@ -1056,6 +1056,8 @@ unsigned int defaults_read_config(unsigned int to_syslog)
|
|
|
|
ret = 1;
|
|
|
|
+ conf = oldconf = NULL;
|
|
+
|
|
pthread_mutex_lock(&conf_mutex);
|
|
if (!config) {
|
|
if (conf_init()) {
|
|
@@ -1082,15 +1084,11 @@ unsigned int defaults_read_config(unsigned int to_syslog)
|
|
stb.st_mtime <= config->modified &&
|
|
(oldstat = fstat(fileno(oldconf), &oldstb) == -1) &&
|
|
oldstb.st_mtime <= config->modified) {
|
|
- fclose(conf);
|
|
- fclose(oldconf);
|
|
goto out;
|
|
}
|
|
|
|
if (conf || oldconf) {
|
|
if (!reset_defaults(to_syslog)) {
|
|
- fclose(conf);
|
|
- fclose(oldconf);
|
|
ret = 0;
|
|
goto out;
|
|
}
|
|
@@ -1108,10 +1106,8 @@ unsigned int defaults_read_config(unsigned int to_syslog)
|
|
}
|
|
}
|
|
|
|
- if (conf) {
|
|
+ if (conf)
|
|
read_config(to_syslog, conf, DEFAULT_CONFIG_FILE);
|
|
- fclose(conf);
|
|
- }
|
|
|
|
/*
|
|
* Read the old config file and override the installed
|
|
@@ -1132,7 +1128,6 @@ unsigned int defaults_read_config(unsigned int to_syslog)
|
|
clean_ldap_multi_option(NAME_LDAP_URI);
|
|
|
|
read_config(to_syslog, oldconf, OLD_CONFIG_FILE);
|
|
- fclose(oldconf);
|
|
|
|
if (ldap_search_base) {
|
|
co = conf_lookup(sec, NAME_SEARCH_BASE);
|
|
@@ -1151,6 +1146,10 @@ unsigned int defaults_read_config(unsigned int to_syslog)
|
|
}
|
|
}
|
|
out:
|
|
+ if (conf)
|
|
+ fclose(conf);
|
|
+ if (oldconf)
|
|
+ fclose(oldconf);
|
|
pthread_mutex_unlock(&conf_mutex);
|
|
return ret;
|
|
}
|