diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2008-12-08 12:26:36 +0100 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2008-12-08 12:26:36 +0100 |
| commit | b0317d31d98b17cd8b9b5d29f438191ac045cd33 (patch) | |
| tree | 1e05eb1ab44b2cae8e48e3fb4365aaed65396355 /tcpsrv.c | |
| parent | 7cbbba198913ff3403116d2364d8765cfdd7f162 (diff) | |
| download | rsyslog-b0317d31d98b17cd8b9b5d29f438191ac045cd33.tar.gz rsyslog-b0317d31d98b17cd8b9b5d29f438191ac045cd33.tar.bz2 rsyslog-b0317d31d98b17cd8b9b5d29f438191ac045cd33.zip | |
backport of $AllowedSender security fixv3.18.6
- security bugfix: $AllowedSender was not honored, all senders were
permitted instead (see http://www.rsyslog.com/Article322.phtml)
(backport from v3-stable, v3.20.9)
- minor bugfix: dual close() call on tcp session closure
Diffstat (limited to 'tcpsrv.c')
| -rw-r--r-- | tcpsrv.c | 10 |
1 files changed, 4 insertions, 6 deletions
@@ -415,7 +415,7 @@ static rsRetVal SessAccept(tcpsrv_t *pThis, tcps_sess_t **ppSess, int fd) { DEFiRet; - tcps_sess_t *pSess; + tcps_sess_t *pSess = NULL; int newConn; int iSess = -1; struct sockaddr_storage addr; @@ -464,8 +464,6 @@ SessAccept(tcpsrv_t *pThis, tcps_sess_t **ppSess, int fd) * configured to do this). * rgerhards, 2005-09-26 */ -RUNLOG_VAR("%p", ppSess); -RUNLOG_VAR("%p", pSess); if(!pThis->pIsPermittedHost((struct sockaddr*) &addr, (char*) fromHostFQDN, pThis->pUsr, pSess->pUsr)) { dbgprintf("%s is not an allowed sender\n", (char *) fromHostFQDN); if(option_DisallowWarning) { @@ -492,12 +490,12 @@ RUNLOG_VAR("%p", pSess); *ppSess = pSess; pThis->pSessions[iSess] = pSess; + pSess = NULL; finalize_it: if(iRet != RS_RET_OK) { - if(iSess != -1) { - if(pThis->pSessions[iSess] != NULL) - tcps_sess.Destruct(&pThis->pSessions[iSess]); + if(pSess != NULL) { + tcps_sess.Destruct(&pSess); } iSess = -1; // TODO: change this to be fully iRet compliant ;) } |