[gotwebd] fix double free in error path

From:: Omar Polo <op@omarpolo.com>
Subject:: [gotwebd] fix double free in error path
To:: Tracey Emery <tracey@traceyemery.net>
Cc:: gameoftrees@openbsd.org
Date:: Sun, 03 Apr 2022 10:42:25 +0200

Download raw body.

Thread

2022-04-03 08:42 Omar Polo:
[gotwebd] fix double free in error path
- 2022-04-05 13:49 Tracey Emery:
  [gotwebd] fix double free in error path

if the querystring fails to being parsed (maybe because one copy-pasted
the address forgetting the initial ? and firefox escaped every &) we
free it in gotweb_process_request, but then later on we try to free it
again.

alternatively we could also not free the querystring here since it's
always cleared up later?

diff eb24c1d9539030efa5917237931d6f56eada014a /home/op/w/got
blob - c581c9f7cdb1119a88ab4f6a3168dedcf3ed49bd
file + gotwebd/gotweb.c
--- gotwebd/gotweb.c
+++ gotwebd/gotweb.c
@@ -143,6 +143,7 @@ gotweb_process_request(struct request *c)
 	error = gotweb_parse_querystring(&qs, c->querystring);
 	if (error) {
 		gotweb_free_querystring(qs);
+		c->t->qs = NULL;
 		log_warnx("%s: %s", __func__, error->msg);
 		goto err;
 	}
@@ -2784,4 +2785,4 @@ gotweb_get_time_str(char **repo_age, time_t committer_
 		break;
 	}
 	return NULL;
-}
\ No newline at end of file
+}

2022-04-03 08:42 Omar Polo:
[gotwebd] fix double free in error path
- 2022-04-05 13:49 Tracey Emery:
  [gotwebd] fix double free in error path