File U_01-Prevent-double-xfree-on-error-in-_unpack_node_reg_resp.patch of Package slurm.32296

From: Tim Wickberg <tim@schedmd.com>
Date: Tue Nov 28 16:50:06 2023 -0700
Subject: [PATCH 1/28]Prevent double-xfree() on error in _unpack_node_reg_resp().
Patch-mainline: Upstream
Git-repo: https://github.com/SchedMD/slurm
Git-commit: 9ec6ffed8dd75c105ab15ff61d27a9fd2cd817b8
References: bsc#1218046, bsc#1218050, bsc#1218051, bsc#1218053
Signed-off-by: Egbert Eich <eich@suse.de>

CVE-2023-49937.

Signed-off-by: Egbert Eich <eich@suse.com>
---
 NEWS                             | 1 +
 src/common/slurm_protocol_pack.c | 1 +
 2 files changed, 2 insertions(+)

diff --git a/NEWS b/NEWS
index cbeb64d61d..ad93b88d53 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,7 @@ documents those changes that are of interest to users and administrators.
 
 * Backported changes
 ====================
+ -- Prevent double-xfree() on error in _unpack_node_reg_resp(). CVE-2023-49937.
  -- Fix filesystem handling race conditions that could lead to an attacker
     taking control of an arbitrary file, or removing entire directories'
     contents. CVE-2023-41914.
diff --git a/src/common/slurm_protocol_pack.c b/src/common/slurm_protocol_pack.c
index 3526809ab6..517011796c 100644
--- a/src/common/slurm_protocol_pack.c
+++ b/src/common/slurm_protocol_pack.c
@@ -7822,6 +7822,7 @@ static int _unpack_node_reg_resp(
 
 unpack_error:
 	slurm_free_node_reg_resp_msg(msg_ptr);
+	*msg = NULL;
 	return SLURM_ERROR;
 }

Places

File U_01-Prevent-double-xfree-on-error-in-_unpack_node_reg_resp.patch of Package slurm.32296

Places