On 08/11/2010 04:24 AM, Holger Hans Peter Freyther wrote:
Hi all,
so the next exit command will do a double free... and
the funny part is that
the code has one assumption everything > CONFIG_NODE is considered to be
config as well. This means that we should have two enum values in libosmovty,
one for Last_Enable, one for Last_Config and have enough space between them.
And the other part... maybe vty_go_parent should return CMD_SUCCESS?
Okay, the shortest sequence to make it crash is:
enable
bts 0 oml ....
enable <- first go to parent with delete
enable <- second go to parent... double delete
we also have a similiar issue with the subscriber_put in the exit function...
the only fix I can think of is to move every node that frees data before the
CONFIG_NODE so we will not have the "auto fixup" code of VTY.