Added patch to fix double-free in build_shared_mapping.

2024-11-21 16:46:54 -08:00 · 2017-10-16 16:40:29 +02:00 · 2017-10-16 16:40:29 +02:00 · 5110081815
commit 5110081815
parent fd2221cfd9
2 changed files with 40 additions and 0 deletions
--- a/patches/patchinstall.sh
+++ b/patches/patchinstall.sh
@ -351,6 +351,7 @@ patch_enable_all ()
 	enable_server_Signal_Thread="$1"
 	enable_server_Stored_ACLs="$1"
 	enable_server_Timestamp_Compat="$1"
+	enable_server_build_shared_mapping="$1"
 	enable_server_device_manager_destroy="$1"
 	enable_server_free_async_queue="$1"
 	enable_server_send_hardware_message="$1"
@ -1336,6 +1337,9 @@ patch_enable ()
 		server-Timestamp_Compat)
 			enable_server_Timestamp_Compat="$2"
 			;;
+		server-build_shared_mapping)
+			enable_server_build_shared_mapping="$2"
+			;;
 		server-device_manager_destroy)
 			enable_server_device_manager_destroy="$2"
 			;;
@ -7972,6 +7976,18 @@ if test "$enable_server_Timestamp_Compat" -eq 1; then
 	) >> "$patchlist"
 fi

+# Patchset server-build_shared_mapping
+# |
+# | Modified files:
+# |   *	server/mapping.c
+# |
+if test "$enable_server_build_shared_mapping" -eq 1; then
+	patch_apply server-build_shared_mapping/0001-server-Fix-double-free-in-build_shared_mapping.patch
+	(
+		printf '%s\n' '+    { "Sebastian Lackner", "server: Fix double-free in build_shared_mapping.", 1 },';
+	) >> "$patchlist"
+fi
+
 # Patchset server-device_manager_destroy
 # |
 # | Modified files:
--- a/patches/server-build_shared_mapping/0001-server-Fix-double-free-in-build_shared_mapping.patch
+++ b/patches/server-build_shared_mapping/0001-server-Fix-double-free-in-build_shared_mapping.patch
@ -0,0 +1,24 @@
+From 09c8ebbd33c38c40a769790e6ef028b035ad428a Mon Sep 17 00:00:00 2001
+From: Sebastian Lackner <sebastian@fds-team.de>
+Date: Mon, 16 Oct 2017 16:39:28 +0200
+Subject: server: Fix double-free in build_shared_mapping.
+
+---
+ server/mapping.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/server/mapping.c b/server/mapping.c
+index bfd34f2b983..b868b3cf15a 100644
+--- a/server/mapping.c
+++ b/server/mapping.c
+@@ -585,6 +585,7 @@ static int build_shared_mapping( struct mapping *mapping, int fd,
+         if (pwrite( shared_fd, buffer, file_size, write_pos ) != file_size) goto error;
+     }
+     free( buffer );
+    buffer = NULL;
+ 
+     if (!(shared = alloc_object( &shared_map_ops ))) goto error;
+     shared->fd = (struct fd *)grab_object( mapping->fd );
+-- 
+2.14.1
+