popt 1.19 fixes a leak that exposes a use after free; make sure we duplicate the return value of poptGetArg if poptFreeContext is called before we use it. ==5325== Invalid read of size 1 ==5325== at 0x4849782: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859E1C: talloc_strdup (talloc.c:2470) ==5325== by 0x48C0D37: talloc_sub_basic (substitute.c:303) ==5325== by 0x4894B98: lp_load_ex (loadparm.c:4004) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b0 is 0 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 1 ==5325== at 0x4849794: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859E1C: talloc_strdup (talloc.c:2470) ==5325== by 0x48C0D37: talloc_sub_basic (substitute.c:303) ==5325== by 0x4894B98: lp_load_ex (loadparm.c:4004) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b1 is 1 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 8 ==5325== at 0x484D3AE: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x48C0D37: talloc_sub_basic (substitute.c:303) ==5325== by 0x4894B98: lp_load_ex (loadparm.c:4004) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b0 is 0 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 2 ==5325== at 0x484D400: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x48C0D37: talloc_sub_basic (substitute.c:303) ==5325== by 0x4894B98: lp_load_ex (loadparm.c:4004) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8c0 is 16 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in 
/usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 1 ==5325== at 0x484D430: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x48C0D37: talloc_sub_basic (substitute.c:303) ==5325== by 0x4894B98: lp_load_ex (loadparm.c:4004) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8c2 is 18 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 1 ==5325== at 0x4849782: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859E1C: talloc_strdup (talloc.c:2470) ==5325== by 0x4B3B74B: add_to_file_list (loadparm.c:1023) ==5325== by 0x4894BD4: lp_load_ex (loadparm.c:4011) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b0 is 0 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in 
/usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 1 ==5325== at 0x4849794: strlen (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859E1C: talloc_strdup (talloc.c:2470) ==5325== by 0x4B3B74B: add_to_file_list (loadparm.c:1023) ==5325== by 0x4894BD4: lp_load_ex (loadparm.c:4011) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b1 is 1 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 8 ==5325== at 0x484D3AE: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x4B3B74B: add_to_file_list (loadparm.c:1023) ==5325== by 0x4894BD4: lp_load_ex (loadparm.c:4011) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8b0 is 0 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 2 ==5325== at 0x484D400: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x4B3B74B: add_to_file_list (loadparm.c:1023) ==5325== by 0x4894BD4: lp_load_ex (loadparm.c:4011) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: main (test_lp_load.c:98) ==5325== Address 0x72da8c0 is 16 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== ==5325== Invalid read of size 1 ==5325== at 0x484D430: memmove (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4859DC2: __talloc_strlendup (talloc.c:2457) ==5325== by 0x4859E32: talloc_strdup (talloc.c:2470) ==5325== by 0x4B3B74B: add_to_file_list (loadparm.c:1023) ==5325== by 0x4894BD4: lp_load_ex (loadparm.c:4011) ==5325== by 0x489529E: lp_load_with_registry_shares (loadparm.c:4237) ==5325== by 0x10ABD7: 
main (test_lp_load.c:98) ==5325== Address 0x72da8c2 is 18 bytes inside a block of size 20 free'd ==5325== at 0x484617B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B8F8B8: poptResetContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x4B905D4: poptFreeContext (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB8E: main (test_lp_load.c:90) ==5325== Block was alloc'd at ==5325== at 0x48437B4: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) ==5325== by 0x4B912EE: poptGetNextOpt (in /usr/lib64/libpopt.so.0.0.2) ==5325== by 0x10AB49: main (test_lp_load.c:74) ==5325== BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Ralph Boehme <slow@samba.org>