From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 12 Mar 2019 16:44:01 +0000 (+0100)
Subject: nspawn: fix memleak uncovered by fuzzer
X-Git-Tag: v242-rc1~118^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6d632d00eda5e505dc26cd202eba2c28b7d454b1;p=thirdparty%2Fsystemd.git

nspawn: fix memleak uncovered by fuzzer

This is almost the same as 0e636bf51a. I looked through the code,
and I don't see any more instances of this pattern, so hopefully this
will be the last one.

https://oss-fuzz.com/issue/5660094128193536/13691.
---

diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index 13f50b2d37b..dceacf61ae6 100644
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -304,7 +304,7 @@ int overlay_mount_parse(CustomMount **l, size_t *n, const char *s, bool read_onl
                 /* If the upper directory is unspecified, then let's create it automatically as a throw-away directory
                  * in /var/tmp */
                 if (isempty(upper))
-                        upper = NULL;
+                        upper = mfree(upper);
                 else if (!source_path_is_valid(upper))
                         return -EINVAL;
 
diff --git a/test/fuzz/fuzz-nspawn-settings/oss-fuzz-13691 b/test/fuzz/fuzz-nspawn-settings/oss-fuzz-13691
new file mode 100644
index 00000000000..51f46e37346
--- /dev/null
+++ b/test/fuzz/fuzz-nspawn-settings/oss-fuzz-13691
@@ -0,0 +1,2 @@
+[Files]
+Overlay=/::
\ No newline at end of file