Pino Toscano
2018-Apr-27 14:30 UTC
[Libguestfs] [PATCH] common/mlpcre: fix access to freed memory
free_last_match() frees the memory of the match passed as argument, so
accessing it is not possible after free_last_match(). Since all we
need is the return code, save it locally for later usage.
---
common/mlpcre/pcre-c.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/common/mlpcre/pcre-c.c b/common/mlpcre/pcre-c.c
index da982025f..0762a8341 100644
--- a/common/mlpcre/pcre-c.c
+++ b/common/mlpcre/pcre-c.c
@@ -207,8 +207,9 @@ guestfs_int_pcre_matches (value rev, value strv)
m->r = pcre_exec (re, NULL, m->subject, len, 0, 0, m->vec, veclen);
if (m->r < 0 && m->r != PCRE_ERROR_NOMATCH) {
+ int ret = m->r;
free_last_match (m);
- raise_pcre_error ("pcre_exec", m->r);
+ raise_pcre_error ("pcre_exec", ret);
}
/* This error would indicate that pcre_exec ran out of space in the
--
2.14.3
Richard W.M. Jones
2018-Apr-27 14:41 UTC
Re: [Libguestfs] [PATCH] common/mlpcre: fix access to freed memory
On Fri, Apr 27, 2018 at 04:30:11PM +0200, Pino Toscano wrote:> free_last_match() frees the memory of the match passed as argument, so > accessing it is not possible after free_last_match(). Since all we > need is the return code, save it locally for later usage. > --- > common/mlpcre/pcre-c.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/common/mlpcre/pcre-c.c b/common/mlpcre/pcre-c.c > index da982025f..0762a8341 100644 > --- a/common/mlpcre/pcre-c.c > +++ b/common/mlpcre/pcre-c.c > @@ -207,8 +207,9 @@ guestfs_int_pcre_matches (value rev, value strv) > > m->r = pcre_exec (re, NULL, m->subject, len, 0, 0, m->vec, veclen); > if (m->r < 0 && m->r != PCRE_ERROR_NOMATCH) { > + int ret = m->r; > free_last_match (m); > - raise_pcre_error ("pcre_exec", m->r); > + raise_pcre_error ("pcre_exec", ret); > }Oops. ACK, thanks. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/
Possibly Parallel Threads
- [PATCH v2 1/3] common/mlpcre: add offset flag for PCRE.matches
- [PATCH 1/3] common/mlpcre: add offset flag for PCRE.matches
- [PATCH v3 02/22] common/mlpcre: Add PCRE.subi to return indexes instead of the substring.
- [PATCH v2 0/3] v2v: add -o json output mode
- [PATCH] Fully initialize the custom_operations structs