Date: Mon, 3 Oct 2005 12:49:54 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_exec.c Message-ID: <200510031249.j93Cnskf080818@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2005-10-03 12:49:54 UTC
FreeBSD src repository
Modified files:
sys/kern kern_exec.c
Log:
If sufficiently bad things happen during a call to kern_execve(), it is
possible for do_execve() to call exit1() rather than returning. As a
result, the sequence "allocate memory; call kern_execve; free memory"
can end up leaking memory.
This commit documents this astonishing behaviour and adds a call to
exec_free_args() before the exit1() call in do_execve(). Since all
the users of kern_execve() in the tree use exec_free_args() to free
the command-line arguments after kern_execve() returns, this should
be safe, and it fixes the memory leak which can otherwise occur.
Submitted by: Peter Holm
MFC after: 3 days
Security: Local denial of service
Revision Changes Path
1.277 +8 -0 src/sys/kern/kern_exec.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510031249.j93Cnskf080818>