From e91583fb20b584621dd48031bef68279945f7aa6 Mon Sep 17 00:00:00 2001
From: Quentin Armitage
Date: Tue, 20 Nov 2018 13:03:55 +0000
Subject: [PATCH] Fix double free when global data smtp_helo_name copied from local_name
Issue #1071 identified a double free fault. It occurred when smtp_helo_name was not set, in which case it was set to point to the same malloc'd memory as local_name. At termination keepalived freed both local_name and smtp_helo_name. If keepalived needs to use local_name for smtp_helo_name it now malloc's aadditional memory to copy the string into.
Signed-off-by: Quentin Armitage
---
 keepalived/core/global_data.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/keepalived/core/global_data.c b/keepalived/core/global_data.c
index cd381d9b..be9fecbd 100644
--- a/keepalived/core/global_data.c
+++ b/keepalived/core/global_data.c
@@ -257,8 +257,10 @@ init_global_data(data_t * data, data_t *old_global_data)
 if (!data->email_from)
 set_default_email_from(data, data->local_name);
- if (!data->smtp_helo_name)
- data->smtp_helo_name = data->local_name;
+ if (!data->smtp_helo_name) {
+ data->smtp_helo_name = MALLOC(strlen(data->local_name) + 1);
+ strcpy(data->smtp_helo_name, data->local_name);
+ }
 }
 }
--
2.20.1
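Review bot: The new branch calls `strlen(data->local_name)` without anything in the hunk showing that `local_name` is non-NULL, whereas the pointer assignment it replaces was harmless for a NULL `local_name`; if the name lookup earlier in init_global_data() can fail, the fix trades a double free at exit for a NULL dereference at startup. Guarding the copy with `if (!data->smtp_helo_name && data->local_name) {` keeps the old behaviour of leaving smtp_helo_name unset in that case. The result of MALLOC() is also handed straight to strcpy(), which is safe only if the wrapper never returns NULL; that is not visible here and is worth confirming. A short comment such as `/* smtp_helo_name owns its own copy and is freed separately from local_name */` would record why the duplicate exists. The body of init_global_data() starts above the hunk, so how local_name is populated cannot be checked from these lines.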