commit 50ef80739d9e1e0df6616289ef2ff626a94666ee Author: Steve Dickson Date: Thu May 23 09:24:49 2019 -0400 rpc.mountd: Fix e_hostname and e_uuid leaks strdup of exportent uuid and hostname in getexportent() ends up leaking memory. Free the memory before getexportent() is called again from xtab_read() Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1713360 Signed-off-by: Nikhil Kshirsagar Signed-off-by: Steve Dickson diff --git a/support/export/xtab.c b/support/export/xtab.c index d42eeef..1e1d679 100644 --- a/support/export/xtab.c +++ b/support/export/xtab.c @@ -50,6 +50,14 @@ xtab_read(char *xtab, char *lockfn, int is_export) while ((xp = getexportent(is_export==0, 0)) != NULL) { if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) && !(exp = export_create(xp, is_export!=1))) { + if(xp->e_hostname) { + free(xp->e_hostname); + xp->e_hostname=NULL; + } + if(xp->e_uuid) { + free(xp->e_uuid); + xp->e_uuid=NULL; + } continue; } switch (is_export) { @@ -62,7 +70,16 @@ xtab_read(char *xtab, char *lockfn, int is_export) if ((xp->e_flags & NFSEXP_FSID) && xp->e_fsid == 0) v4root_needed = 0; break; - } + } + if(xp->e_hostname) { + free(xp->e_hostname); + xp->e_hostname=NULL; + } + if(xp->e_uuid) { + free(xp->e_uuid); + xp->e_uuid=NULL; + } + } endexportent(); xfunlock(lockid); diff --git a/support/nfs/exports.c b/support/nfs/exports.c index 5f4cb95..a7582ca 100644 --- a/support/nfs/exports.c +++ b/support/nfs/exports.c @@ -179,9 +179,20 @@ getexportent(int fromkernel, int fromexports) } ee.e_hostname = xstrdup(hostname); - if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) - return NULL; + if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) { + if(ee.e_hostname) + { + xfree(ee.e_hostname); + ee.e_hostname=NULL; + } + if(ee.e_uuid) + { + xfree(ee.e_uuid); + ee.e_uuid=NULL; + } + return NULL; + } /* resolve symlinks */ if (realpath(ee.e_path, rpath) != NULL) { rpath[sizeof (rpath) - 1] = '\0';