Download raw body.
gotwebd: double free in gotweb_free_querystring
On Mon, Aug 15, 2022 at 06:05:29PM +0200, Omar Polo wrote: > found the hard way. fcgi_cleanup_request already takes care of > freeing the querystring. ok? ok > > > commit f160c80fac26cc4052cd1d67c896af6e38919ac8 (gwdprintf) > from: Omar Polo <op@omarpolo.com> > date: Mon Aug 15 15:57:23 2022 UTC > > don't free the querystring on error: it's already done later > > fixes an otherwise double free in the error path. > > diff 917be9c7fdaed06fb6f17cf9a2d556f9272a3c81 f160c80fac26cc4052cd1d67c896af6e38919ac8 > commit - 917be9c7fdaed06fb6f17cf9a2d556f9272a3c81 > commit + f160c80fac26cc4052cd1d67c896af6e38919ac8 > blob - f332e5d6085b45092bae5d9094c76128da56fc32 > blob + 52c84095ccc511d21f371909ab1d5c6fd9bf122c > --- gotwebd/gotweb.c > +++ gotwebd/gotweb.c > @@ -145,7 +145,6 @@ gotweb_process_request(struct request *c) > c->t->qs = qs; > error = gotweb_parse_querystring(&qs, c->querystring); > if (error) { > - gotweb_free_querystring(qs); > log_warnx("%s: %s", __func__, error->msg); > goto err; > } > > -- Tracey Emery
gotwebd: double free in gotweb_free_querystring