commit 97f695d099e60121700d47512172f1d6839dfb2a
Author: David Sommerseth <dazo@users.sourceforge.net>
Date: Fri Oct 19 18:24:18 2012 +0200
sqlite3: Improve error handling if memory alloc fails for SQL query string
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
(cherry picked from commit 2613675111387fb0753d31be74b5e0a362389ef8)
diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c
index 0f4e0e6..a17f4b0 100644
--- a/database/sqlite/sqlite.c
+++ b/database/sqlite/sqlite.c
@@ -70,7 +70,7 @@ static void _sqlite_set_error(dbresult *dbres, ErrorSeverity sev, const char *qu
dbres->errSeverity = sev;
dbres->errMsg = strdup(errbuf);
- dbres->query = strdup(query);
+ dbres->query = strdup_nullsafe(query);
}
/**
@@ -327,7 +327,7 @@ void sqlite_log_error(eurephiaCTX *ctx, dbresult *dbres) {
if( dbres->status != dbSUCCESS ) {
eurephia_log(ctx, LOG_ERROR, 4, "SQL Error: %s", dbres->errMsg);
}
- DEBUG(ctx, 33, "SQL Query: %s", dbres->query);
+ DEBUG(ctx, 33, "SQL Query: %s", (dbres->query != NULL ? dbres->query : "(None)"));
}
@@ -397,6 +397,12 @@ dbresult *sqlite_query(eurephiaCTX *ctx, const char *fmt, ... ) {
sql = sqlite3_vmprintf(fmt, ap);
va_end(ap);
+ if( sql == NULL ) {
+ _sqlite_set_error(dbres, sevPANIC, NULL, "Could not allocate memory for SQL query string");
+ goto exit;
+ }
+
+
if( ctx->dbc == NULL ) {
_sqlite_set_error(dbres, sevPANIC, sql, "No open database connection to perfom SQL query to");
goto exit;
commit 493604d52b466fa7d8444582f547b229710f1dd4
Author: David Sommerseth <dazo@users.sourceforge.net>
Date: Thu Oct 11 02:01:08 2012 +0200
eurephia-auth: Fixed a double-free situation with dev-type is not obvious
If OpenVPN is configured with a unkown --dev name and --dev-type is used,
eurephia would in some specific situations double-free a memory region
keeping the dev-type information. GETENV_*() functions returns a pointer
to a buffer which is supposed to be free'd, but pointers returned by
eGet_value() should not be free'd.
And in the error situation if dev-type is not forced or detected, the
memory allocated by GETENV_DEVNAME() was not properly free'd.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
(cherry picked from commit 00bd0ac4cc901004aeaf4548813bb465bce5243f)
diff --git a/plugin/eurephia-auth.c b/plugin/eurephia-auth.c
index 41822d7..97fb38f 100644
--- a/plugin/eurephia-auth.c
+++ b/plugin/eurephia-auth.c
@@ -135,8 +135,6 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[])
"Unkown openvpn_devtype configuration value: '%s'. "
"Will try to auto-detect the type for the %s device.",
devtype, devname);
- free_nullsafe(ctx, devtype);
-
} else {
ctx->tuntype = tuntype;
forced = 1;
@@ -151,6 +149,7 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[])
ctx->tuntype = tuntype;
goto success;
}
+ free_nullsafe(ctx, devtype);
// If no 'dev_type', try to guess the dev-type based on the dev name
tuntype = conv_str2tuntype(devname);
@@ -165,6 +164,7 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[])
"You need to force the tunnel device type setting the 'openvpn_devtype' "
"configuration value.",
devname);
+ free_nullsafe(ctx, devname);
return 0;
success:
@@ -172,7 +172,6 @@ static inline int detect_tunnel_type(eurephiaCTX *ctx, const char const *env[])
"OpenVPN device type is %s %s on the %s device.",
(forced ? "forced to" : "detected as"),
(tuntype == tuntype_TUN ? "TUN" : "TAP"), devname);
- free_nullsafe(ctx, devtype);
free_nullsafe(ctx, devname);
return 1;
}
distrib
>
Fedora
>
16
>
x86_64
>
media
>
updates-src
>
by-pkgid
>
ce6c8819b7473ba9fb446f01a7d22610
>
files
>
3
