shared: fix double free in unmask (#5005)

Easily reproducible:
1) systemctl mask foo
2) systemctl unmask foo foo

The problem here is that the *i that is put into todo[] is later freed
in strv_uniq(), which is not directly visible from this patch. Somewhere
further in the code, the string that *i pointed to is freed again. That
happens only when multiple services with the same name/path are specified.

diff --git a/src/shared/install.c b/src/shared/install.c
index 4e047157cc7397b6ab4c096ca4b13eb8e6555033..8036b0a404f01f99b6968b09ada7712df29c03d9 100644 (file)
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -1855,7 +1855,7 @@ int unit_file_unmask(
 
         _cleanup_lookup_paths_free_ LookupPaths paths = {};
         _cleanup_set_free_free_ Set *remove_symlinks_to = NULL;
-        _cleanup_free_ char **todo = NULL;
+        _cleanup_strv_free_ char **todo = NULL;
         size_t n_todo = 0, n_allocated = 0;
         const char *config_path;
         char **i;
@@ -1893,7 +1893,7 @@ int unit_file_unmask(
                 if (!GREEDY_REALLOC0(todo, n_allocated, n_todo + 2))
                         return -ENOMEM;
 
-                todo[n_todo++] = *i;
+                todo[n_todo++] = strdup(*i);
         }
 
         strv_uniq(todo);