isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix use-after-free on error.

Browse Source 
Also remove useless free of a ptr that is always NULL on the error path.
This commit is contained in:
Todd C. Miller
2021-08-26 10:07:50 -06:00
parent dc30c842bb
commit 3d8b327c60
1 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/exec_intercept.c
View File

@@ -241,7 +241,6 @@ update_command_info(char * const *old_command_info, const char *cmnd,
debug_return_ptr(command_info); debug_return_ptr(command_info);
bad: bad:
free(command_info); free(command_info);
free(tmp_command);
debug_return_ptr(NULL); debug_return_ptr(NULL);
} }
@@ -408,12 +407,6 @@ intercept_check_policy(PolicyCheckRequest *req,
ret = true; ret = true;
done: done:
if (!ISSET(closure->details->flags, CD_INTERCEPT)) {
free(tofree);
free(command_info);
}
free(argv);
if (!ret) { if (!ret) {
if (closure->errstr == NULL) if (closure->errstr == NULL)
closure->errstr = N_("policy plugin error"); closure->errstr = N_("policy plugin error");
@@ -421,6 +414,12 @@ done:
command_info); command_info);
closure->state = POLICY_ERROR; closure->state = POLICY_ERROR;
} }
if (!ISSET(closure->details->flags, CD_INTERCEPT)) {
free(tofree);
free(command_info);
}
free(argv);
debug_return_bool(ret); debug_return_bool(ret);
} }