git: 9front


ref: 582e3b588686cc73e672717099c7d98a5c3d8c5d
parent: 50e48c6ae580ca6d19f462650a3fcbced63de99c
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Aug 20 20:30:13 EDT 2014

ip: fix memory leak in ipicadd6()

allocate the Iplifc structure on the stack instead.
i am assuming that it was allocated on the heap for fear of
causing a stack overflow. on 386, this adds around
88 bytes on the stack but it doesn't seem to cause
any trouble. (checked with poolcheck after ctl write)

--- a/sys/src/9/ip/ipifc.c
+++ b/sys/src/9/ip/ipifc.c
@@ -1628,25 +1628,29 @@
 ipifcadd6(Ipifc *ifc, char**argv, int argc)
 {
 	int plen = 64;
-	long origint = NOW / 1000, preflt = ~0L, validlt = ~0L;
 	char addr[40], preflen[6];
 	char *params[3];
-	uchar autoflag = 1, onlink = 1;
 	uchar prefix[IPaddrlen];
-	Iplifc *lifc;
+	Iplifc lifc;
 
+	lifc.onlink = 1;
+	lifc.autoflag = 1;
+	lifc.validlt = ~0L;
+	lifc.preflt = ~0L;
+	lifc.origint = NOW / 1000;
+
 	switch(argc) {
 	case 7:
-		preflt = atoi(argv[6]);
+		lifc.preflt = atoi(argv[6]);
 		/* fall through */
 	case 6:
-		validlt = atoi(argv[5]);
+		lifc.validlt = atoi(argv[5]);
 		/* fall through */
 	case 5:
-		autoflag = atoi(argv[4]);
+		lifc.autoflag = atoi(argv[4]) != 0;
 		/* fall through */
 	case 4:
-		onlink = atoi(argv[3]);
+		lifc.onlink = atoi(argv[3]) != 0;
 		/* fall through */
 	case 3:
 		plen = atoi(argv[2]);
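Review bot: `Iplifc lifc;` is now an automatic variable and only five of its members are assigned, so every other member holds whatever was on the kernel stack when `&lifc` is handed to ipifcadd(). The removed code obtained the struct from smalloc(), which as far as I know returns zeroed memory in this kernel, so this is a behaviour change if ipifcadd() reads or copies anything beyond those five fields (its body is not part of this diff). Adding `memset(&lifc, 0, sizeof lifc);` before the assignments keeps the old guarantee at negligible cost. The body of ipifcadd6() continues past the end of this hunk.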
@@ -1657,21 +1661,15 @@
 		return Ebadarg;
 	}
 
-	if (parseip(prefix, argv[1]) != 6 || validlt < preflt || plen < 0 ||
+	if (parseip(prefix, argv[1]) != 6 || lifc.validlt < lifc.preflt || plen < 0 ||
 	    plen > 64 || islinklocal(prefix))
 		return Ebadarg;
 
-	lifc = smalloc(sizeof(Iplifc));
-	lifc->onlink = (onlink != 0);
-	lifc->autoflag = (autoflag != 0);
-	lifc->validlt = validlt;
-	lifc->preflt = preflt;
-	lifc->origint = origint;
-
 	/* issue "add" ctl msg for v6 link-local addr and prefix len */
 	if(ifc->m->pref2addr == nil)
 		return Ebadarg;
 	(*ifc->m->pref2addr)(prefix, ifc->mac);	/* mac → v6 link-local addr */
+
 	sprint(addr, "%I", prefix);
 	sprint(preflen, "/%d", plen);
 	params[0] = "add";
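Review bot: The two `sprint()` calls near the end of this hunk write into `addr[40]` and `preflen[6]` with no bound, and after this commit the `Iplifc` passed on to ipifcadd() lives in the same stack frame as those buffers. The sizes do fit today (a full IPv6 text address is 39 characters plus NUL, and plen is limited to 0..64 by the check above), but only by that arithmetic. I would make the bound explicit with `snprint(addr, sizeof addr, "%I", prefix);` and `snprint(preflen, sizeof preflen, "/%d", plen);`. The function starts before and ends after this hunk.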
@@ -1678,5 +1676,5 @@
 	params[1] = addr;
 	params[2] = preflen;
 
-	return ipifcadd(ifc, params, 3, 0, lifc);
+	return ipifcadd(ifc, params, 3, 0, &lifc);
 }
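Review bot: `&lifc` points into ipifcadd6()'s own stack frame, so it is valid only until this return; the call is safe only if ipifcadd() copies the fields it needs and never stores the pointer. The leak described in the commit message suggests ipifcadd() never took ownership of the old heap object, but its body is not shown here, so that should be confirmed. A comment above the call would record the contract, e.g. `/* lifc is on our stack: ipifcadd() must copy from it, not keep the pointer */`. The function begins outside this hunk.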
--