Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 30 Dec 2016 23:44:39 +0000 (UTC)
From:      Ngie Cooper <ngie@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r310873 - head/contrib/bsnmp/snmp_mibII
Message-ID:  <201612302344.uBUNidMT063906@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: ngie
Date: Fri Dec 30 23:44:39 2016
New Revision: 310873
URL: https://svnweb.freebsd.org/changeset/base/310873

Log:
  Guard against use-after-free after calling mibif_free(..)
  
  Set variables to NULL after calling free.
  
  Also, remove unnecessary if (x != NULL) checks before calling free(x)
  
  MFC after:	1 week

Modified:
  head/contrib/bsnmp/snmp_mibII/mibII.c

Modified: head/contrib/bsnmp/snmp_mibII/mibII.c
==============================================================================
--- head/contrib/bsnmp/snmp_mibII/mibII.c	Fri Dec 30 23:41:33 2016	(r310872)
+++ head/contrib/bsnmp/snmp_mibII/mibII.c	Fri Dec 30 23:44:39 2016	(r310873)
@@ -707,10 +707,11 @@ mibif_free(struct mibif *ifp)
 	}
 
 	free(ifp->private);
-	if (ifp->physaddr != NULL)
-		free(ifp->physaddr);
-	if (ifp->specmib != NULL)
-		free(ifp->specmib);
+	ifp->private = NULL;
+	free(ifp->physaddr);
+	ifp->physaddr = NULL;
+	free(ifp->specmib);
+	ifp->specmib = NULL;
 
 	STAILQ_FOREACH(map, &mibindexmap_list, link)
 		if (map->mibif == ifp) {
@@ -745,8 +746,8 @@ mibif_free(struct mibif *ifp)
 		at = at1;
 	}
 
-
 	free(ifp);
+	ifp = NULL;
 	mib_if_number--;
 	mib_iftable_last_change = this_tick;
 }



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201612302344.uBUNidMT063906>