PERFORCE change 99418 for review
Clément Lecigne
clem1 at FreeBSD.org
Sat Jun 17 11:30:55 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=99418
Change 99418 by clem1 at clem1_ipv6vulns on 2006/06/17 11:30:42
free your malloc, dude!
Affected files ...
.. //depot/projects/soc2006/clem1_ipv6vulns/fuzzers/local/setsockopt/setsockopt.c#3 edit
Differences ...
==== //depot/projects/soc2006/clem1_ipv6vulns/fuzzers/local/setsockopt/setsockopt.c#3 (text+ko) ====
@@ -182,6 +182,7 @@
void ssf_rthdr(int sock){
int on = 1;
char payload[PAYLOAD_SIZE_MAX];
+ char *ip = NULL;
struct in6_addr v6;
struct cmsghdr *cmsg = NULL;
struct ip6_rthdr *rthdr;
@@ -218,8 +219,10 @@
if(rthdr == NULL)
return;
for(i = 0; i < segments; i++){
- inet_pton(AF_INET6, (char *)randipv6(), &v6);
+ ip = (char *)randipv6();
+ inet_pton(AF_INET6, ip, &v6);
inet6_rth_add(rthdr, &v6);
+ free(ip);
}
optlen = (rthdr->ip6r_len + 1) << 3;
optval = (unsigned int)&rthdr;
@@ -239,7 +242,9 @@
fuzzlog("setsockopt", "dddad", sock, IPPROTO_IPV6, optname, optval, optlen);
ret = setsockopt(sock, IPPROTO_IPV6, optname, (void *)optval, optlen);
- fuzzlog("", "r", ret);
+ fuzzlog("", "r", ret);;
+ if(cmsg != NULL && (char *)cmsg != payload)
+ free(cmsg);
return;
}
More information about the p4-projects
mailing list