From: Eric Wong <e@80x24.org>
Date: Wed, 30 Aug 2023 05:10:45 +0000 (+0000)
Subject: xap_helper.h: fix double-free on OpenBSD hdestroy
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=afc61ae0464000121f67414777f1feccfcce6d13;p=thirdparty%2Fpublic-inbox.git

xap_helper.h: fix double-free on OpenBSD hdestroy

hdestroy on OpenBSD assumes each key in the table can be freed,
so use strdup to fulfil that requirement.

This behavior differs from tested behavior on glibc and FreeBSD,
as well as what I can see from reading the musl and NetBSD
source code.  OpenBSD may be the only relevant OS which requires
this workaround.
---

diff --git a/lib/PublicInbox/xap_helper.h b/lib/PublicInbox/xap_helper.h
index 922105110..17085adca 100644
--- a/lib/PublicInbox/xap_helper.h
+++ b/lib/PublicInbox/xap_helper.h
@@ -460,6 +460,16 @@ static enum exc_iter dump_roots_iter(struct req *req,
 	return ITER_OK;
 }
 
+static char *hsearch_enter_key(char *s)
+{
+#if defined(__OpenBSD__) /* hdestroy frees each key */
+	char *ret = strdup(s);
+	if (!ret) perror("strdup");
+	return ret;
+#endif // glibc, musl, FreeBSD, NetBSD do not free keys
+	return s;
+}
+
 static bool cmd_dump_roots(struct req *req)
 {
 	CLEANUP_DUMP_ROOTS struct dump_roots_tmp drt = {};
@@ -511,7 +521,8 @@ static bool cmd_dump_roots(struct req *req)
 	}
 	for (size_t i = 0; i < tot; ) {
 		ENTRY e;
-		e.key = drt.entries[i++];
+		e.key = hsearch_enter_key(drt.entries[i++]);
+		if (!e.key) return false;
 		e.data = drt.entries[i++];
 		if (!hsearch(e, ENTER)) {
 			warn("hsearch(%s => %s, ENTER)", e.key,