diff options
| author |   tb <tb@openbsd.org> | 2020-11-09 04:20:46 +0000 |
|---|---|---|
| committer | tb <tb@openbsd.org> | 2020-11-09 04:20:46 +0000 |
| commit | dbebd7531b6262351d4a75790559109f54aa24f9 (patch) | |
| tree | 0d948e6db9c8fbda64a82c018b645f649617bfac | |
| parent | Don't leak domain when freeing block list nodes (diff) | |
| download | wireguard-openbsd-dbebd7531b6262351d4a75790559109f54aa24f9.tar.xz wireguard-openbsd-dbebd7531b6262351d4a75790559109f54aa24f9.zip | |
Check for and handle duplicates on RB_INSERT
If the configuration contains duplicate domains in the block list
file or a force list, the nodes would leak in the frontend process
each time the config is reloaded. Also add a check when copying the
force list over imsg and fatal if a duplicate is encountered. This
should never happen.
ok florian
| -rw-r--r-- | sbin/unwind/frontend.c | 8 | ||||
| -rw-r--r-- | sbin/unwind/parse.y | 7 | ||||
| -rw-r--r-- | sbin/unwind/unwind.c | 8 |
3 files changed, 17 insertions, 6 deletions
diff --git a/sbin/unwind/frontend.c b/sbin/unwind/frontend.c index 906d37ad391..a07e71a1572 100644 --- a/sbin/unwind/frontend.c +++ b/sbin/unwind/frontend.c @@ -1,4 +1,4 @@ -/* $OpenBSD: frontend.c,v 1.54 2020/11/09 04:13:32 tb Exp $ */ +/* $OpenBSD: frontend.c,v 1.55 2020/11/09 04:20:46 tb Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -1173,7 +1173,11 @@ parse_blocklist(int fd) fatal("%s: malloc", __func__); if ((bl_node->domain = strdup(line)) == NULL) fatal("%s: strdup", __func__); - RB_INSERT(bl_tree, &bl_head, bl_node); + if (RB_INSERT(bl_tree, &bl_head, bl_node) != NULL) { + log_warnx("duplicate blocked domain \"%s\"", line); + free(bl_node->domain); + free(bl_node); + } } free(line); if (ferror(f)) diff --git a/sbin/unwind/parse.y b/sbin/unwind/parse.y index 01b87dd17ad..f99a3caf1e1 100644 --- a/sbin/unwind/parse.y +++ b/sbin/unwind/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.22 2019/12/08 09:47:50 florian Exp $ */ +/* $OpenBSD: parse.y,v 1.23 2020/11/09 04:20:46 tb Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -366,7 +366,10 @@ force_list: force_list optnl STRING { YYERROR; } } - RB_INSERT(force_tree, &$$, e); + if (RB_INSERT(force_tree, &$$, e) != NULL) { + log_warnx("duplicate force %s", e->domain); + free(e); + } } | /* empty */ { RB_INIT(&$$); diff --git a/sbin/unwind/unwind.c b/sbin/unwind/unwind.c index c9673e86b28..3fa4dfc245b 100644 --- a/sbin/unwind/unwind.c +++ b/sbin/unwind/unwind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: unwind.c,v 1.50 2020/11/05 16:22:59 florian Exp $ */ +/* $OpenBSD: unwind.c,v 1.51 2020/11/09 04:20:46 tb Exp $ */ /* * Copyright (c) 2018 Florian Obser <florian@openbsd.org> @@ -886,7 +886,11 @@ imsg_receive_config(struct imsg *imsg, struct uw_conf **xconf) fatal(NULL); memcpy(force_entry, imsg->data, sizeof(struct force_tree_entry)); - RB_INSERT(force_tree, &nconf->force, force_entry); + if (RB_INSERT(force_tree, &nconf->force, force_entry) != NULL) { + free(force_entry); + fatalx("%s: IMSG_RECONF_FORCE duplicate entry", + __func__); + } break; default: log_debug("%s: error handling imsg %d", __func__, |