From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 12 May 2023 08:23:56 +0000 (+0200)
Subject: core: fix memory leak during deserialization
X-Git-Tag: v254-rc1~494
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e8dba80626b61debc51b759ddb7ef1baaaddcb65;p=thirdparty%2Fsystemd.git

core: fix memory leak during deserialization

when activation-details-unit-name is encountered multiple times.

Resolves: #27623
---

diff --git a/src/core/unit.c b/src/core/unit.c
index d275adb9b0f..3393138bac1 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -6151,6 +6151,8 @@ void activation_details_serialize(ActivationDetails *details, FILE *f) {
 }
 
 int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
+        int r;
+
         assert(key);
         assert(value);
         assert(details);
@@ -6182,9 +6184,9 @@ int activation_details_deserialize(const char *key, const char *value, Activatio
         }
 
         if (streq(key, "activation-details-unit-name")) {
-                (*details)->trigger_unit_name = strdup(value);
-                if (!(*details)->trigger_unit_name)
-                        return -ENOMEM;
+                r = free_and_strdup(&(*details)->trigger_unit_name, value);
+                if (r < 0)
+                        return r;
 
                 return 0;
         }
diff --git a/test/fuzz/fuzz-manager-serialize/clusterfuzz-testcase-minimized-fuzz-manager-serialize-5609602292252672 b/test/fuzz/fuzz-manager-serialize/clusterfuzz-testcase-minimized-fuzz-manager-serialize-5609602292252672
new file mode 100644
index 00000000000..735b0e8f8bd
--- /dev/null
+++ b/test/fuzz/fuzz-manager-serialize/clusterfuzz-testcase-minimized-fuzz-manager-serialize-5609602292252672
@@ -0,0 +1,6 @@
+
+y.service
+job
+activation-details-unit-type=path
+activation-details-unit-name
+activation-details-unit-name
\ No newline at end of file