This eliminates the memory leak which occurs when a user gives the
same string option multiple times. Although the leak is trivial under
normal conditions, the fact that it can be triggered by the user
means that it may be of interest to attackers, so let's plug the leak.
This also means that any o_string option without OPT_STATIC set needs
to have opt->addr pointing to a pointer which starts out NULL. That
is the case for all current uses of o_string.
Signed-off-by: Paul Mackerras <paulus@samba.org>
if (opt->flags & OPT_STATIC) {
strlcpy((char *)(opt->addr), *argv, opt->upper_limit);
} else {
+ char **optptr = (char **)(opt->addr);
sv = strdup(*argv);
if (sv == NULL)
novm("option argument");
- *(char **)(opt->addr) = sv;
+ if (*optptr)
+ free(*optptr);
+ *optptr = sv;
}
break;