#1019 UAF in schedule run

Otherwise accessing IP address results in use-after-free.
author: OpenGnSys Support Team <soporte-og@soleta.eu> 2021-02-23 10:47:21 +0100
committer: OpenGnSys Support Team <soporte-og@soleta.eu> 2021-02-23 10:48:13 +0100
commit: 3b3405bc2f6fe2f71ce08cd20bd2938f5f75efec (patch)
tree: ff22c6a739229bb3306ff95571a27c7d88578386
parent: 031e5708d349643b1696cab2aa816db6a65d79db (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/src/rest.c b/src/rest.c
index bee5e24..a3377bc 100644
--- a/src/rest.c
+++ b/src/rest.c
@@ -2924,7 +2924,7 @@ void og_schedule_run(unsigned int task_id, unsigned int schedule_id,
 		}
 
 		if (!duplicated)
-			params.ips_array[params.ips_array_len++] = cmd->ip;
+			params.ips_array[params.ips_array_len++] = strdup(cmd->ip);
 		else
 			duplicated = false;
 	}
@@ -2945,6 +2945,9 @@ void og_schedule_run(unsigned int task_id, unsigned int schedule_id,
 	}
 
 	og_send_request(OG_METHOD_GET, OG_CMD_RUN_SCHEDULE, &params, NULL);
+
+	for (i = 0; i < params.ips_array_len; i++)
+		free((void *)params.ips_array[i]);
 }
 
 static int og_cmd_task_post(json_t *element, struct og_msg_params *params)
author	OpenGnSys Support Team <soporte-og@soleta.eu>	2021-02-23 10:47:21 +0100
committer	OpenGnSys Support Team <soporte-og@soleta.eu>	2021-02-23 10:48:13 +0100
commit	3b3405bc2f6fe2f71ce08cd20bd2938f5f75efec (patch)
tree	ff22c6a739229bb3306ff95571a27c7d88578386
parent	031e5708d349643b1696cab2aa816db6a65d79db (diff)