Fix use after free bug.

Parse_SetInput: curFile->fname was using the buffer passed to it - which ReadMakefile frees. This change makes the comment in ParseEOF about leaking curFile->fname true.
2013-06-18 19:35:51 +00:00 · 2013-06-18 19:35:51 +00:00 · 15441b18e2
commit 15441b18e2
parent 65ee63f7fc
1 changed files with 4 additions and 2 deletions
--- a/contrib/bmake/parse.c
+++ b/contrib/bmake/parse.c
@ -157,7 +157,7 @@ __RCSID("$NetBSD: parse.c,v 1.188 2013/03/22 16:07:59 sjg Exp $");
 * Structure for a file being read ("included file")
 */
 typedef struct IFile {
-    const char      *fname;         /* name of file */
+    char      	    *fname;         /* name of file */
    int             lineno;         /* current line number in file */
    int             first_lineno;   /* line number of start of text */
    int             cond_depth;     /* 'if' nesting when file opened */
@ -2344,7 +2344,7 @@ Parse_SetInput(const char *name, int line, int fd,
     * name of the include file so error messages refer to the right
     * place.
     */
-    curFile->fname = name;
+    curFile->fname = bmake_strdup(name);
    curFile->lineno = line;
    curFile->first_lineno = line;
    curFile->nextbuf = nextbuf;
@ -2357,6 +2357,8 @@ Parse_SetInput(const char *name, int line, int fd,
    buf = curFile->nextbuf(curFile->nextbuf_arg, &len);
    if (buf == NULL) {
        /* Was all a waste of time ... */
+	if (curFile->fname)
+	    free(curFile->fname);
 	free(curFile);
 	return;
    }