diff options
author | Jeremy Sowden <jeremy@azazel.net> | 2021-11-30 10:55:57 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-01-03 17:50:14 +0100 |
commit | bba33e0219b9a12aaf2bdd96315bd5c95026fa84 (patch) | |
tree | d545ef177d2572842c23e200da8de0a93d06f71a /output/ulogd_output_JSON.c | |
parent | 233e93b4742f340fb427046e874f28472a97dd21 (diff) |
output: JSON: fix possible leak in error-handling.
The `realloc` extending the buffer containing the JSON to allow us to
insert a final new-line may fail. Therefore, we need to assign the
return-value to a temporary variable or we will not able to free the
existing buffer on error.
Use the correct type for `buflen`.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'output/ulogd_output_JSON.c')
-rw-r--r-- | output/ulogd_output_JSON.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/output/ulogd_output_JSON.c b/output/ulogd_output_JSON.c index c802448..2166d15 100644 --- a/output/ulogd_output_JSON.c +++ b/output/ulogd_output_JSON.c @@ -275,8 +275,8 @@ static int json_interp(struct ulogd_pluginstance *upi) { struct json_priv *opi = (struct json_priv *) &upi->private; unsigned int i; - char *buf; - int buflen; + char *buf, *tmp; + size_t buflen; json_t *msg; msg = json_object(); @@ -338,8 +338,6 @@ static int json_interp(struct ulogd_pluginstance *upi) json_object_set_new(msg, "dvc", json_string(dvc)); } - - for (i = 0; i < upi->input.num_keys; i++) { struct ulogd_key *key = upi->input.keys[i].u.source; char *field_name; @@ -392,7 +390,6 @@ static int json_interp(struct ulogd_pluginstance *upi) } } - buf = json_dumps(msg, 0); json_decref(msg); if (buf == NULL) { @@ -400,11 +397,13 @@ static int json_interp(struct ulogd_pluginstance *upi) return ULOGD_IRET_ERR; } buflen = strlen(buf); - buf = realloc(buf, sizeof(char)*(buflen+2)); - if (buf == NULL) { + tmp = realloc(buf, buflen + sizeof("\n")); + if (tmp == NULL) { + free(buf); ulogd_log(ULOGD_ERROR, "Could not create message\n"); return ULOGD_IRET_ERR; } + buf = tmp; strncat(buf, "\n", 1); buflen++; |