cURL / Mailing Lists / curl-library / Single Mail

curl-library

[patch] src/homedir.c memory smasher

From: Toby Peterson <toby_at_apple.com>
Date: Wed, 31 Oct 2007 16:51:13 -0700

Issue only occurs when user has no home directory, i.e. pw->pw_dir is
"" (empty string).

In this specific case, homedir() ends up returning pw->pw_dir
directly, and it is freed in parseconfig().

- Toby

--- src/homedir.c.orig 2007-04-02 16:53:28.000000000 -0700
+++ src/homedir.c 2007-04-02 16:55:07.000000000 -0700
@@ -106,6 +106,8 @@
  #endif
       if (home && home[0])
         home = strdup(home);
+ else
+ home = NULL;
     }
   }
  #endif /* PWD-stuff */
Received on 2007-11-01