Bug#465453: asterisk: illegal free(env_var) after putenv(env_var)
Philipp Berndt
philipp.berndt at smeet.de
Tue Feb 12 15:03:53 UTC 2008
Package: asterisk
Version: 1:1.2.13~dfsg-2etch2
Severity: normal
Tags: patch
In res/res_odbc.c putenv(env_var) is followed by free(env_var). This leads to illegal memory accesses which can be observed with valgrind.
putenv(3) manual states:
The libc4 and libc5 and glibc 2.1.2 versions conform to SUSv2: the pointer string given to putenv() is used. In particular, this string becomes part of the environment; changing it
later will change the environment. (Thus, it is an error is to call putenv() with an automatic variable as the argument, then return from the calling function while string is still
part of the environment.) However, glibc 2.0-2.1.1 differs: a copy of the string is used. On the one hand this causes a memory leak, and on the other hand it violates SUSv2. This
has been fixed in glibc2.1.2.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22.7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages asterisk depends on:
ii adduser 3.102 Add and remove users and groups
ii asterisk-classic 1:1.2.13~dfsg-2etch2 Open Source Private Branch Exchang
asterisk recommends no packages.
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: putenv_free.dpatch
Type: application/x-shellscript
Size: 695 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20080212/8d4e64ae/attachment.bin
More information about the Pkg-voip-maintainers
mailing list