Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp1309812iof;
        Tue, 7 Jun 2022 03:04:07 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzi67Nt5C/iVoT/NW3wUA/WSDyKNLp1qI2dyI7+7jlfOP+ZGNbxVwKrZxoF5ErRqI5WTC07
X-Received: by 2002:a05:6402:2816:b0:431:87c8:b483 with SMTP id h22-20020a056402281600b0043187c8b483mr4161473ede.426.1654596247486;
        Tue, 07 Jun 2022 03:04:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1654596247; cv=none;
        d=google.com; s=arc-20160816;
        b=urLZX7soHx7eBwbke1zPu1ns+bkR977P1PuoCP3E5S5AuxL1trwgKHom9bu5uDD+9O
         4dktBN06JEmKrnUR5gJXMNgBGv4sHZQa54VxFR+WL28wHf4S74jZsON6y45yAp/qxy+m
         xJHoGXbRrWqg1mH2D/JWwV2nS6VZTJ8uXD7IZ6/+mdtNB4rnEiq+zAvAWCJI2hnUt3cm
         kUaaHNVOrd9UFx0YILmAOTV0N0us10eMD1rW1mkrZb95wt8UWuGxow4QCki+Qw5jQsoV
         MJHmVbhb6ZH9KxKsDHYwpHSghLo5rdCSxOpR84VnZne/XrAq1sH+Gqeil5SkziafcJ+m
         q3Ng==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=zG8P+d0V/jRmxykklLVKrcquea9FuCcvlG8SRXkok3E=;
        b=ucfRQPIwQksxH/YFBEYf9lmUt8ebg3jV5brQzfka2duWsdVD+chYjQ4J1jW4ie70kX
         bNI6o/2VRP3WK4f+9Q0ci+AnkwpddqVXIYba7xD4e+yI4Pq1XOr7n8qoCTrxF1UwG5Rm
         5d8MEFfcXxxPnzp/2i0EBxOLU1uBhPuCtG0KJ+RKaHVbrfQMTqqHN31lVNWRI01P0GLM
         zBNcOohBMm116XMAp6AuOFyOBOY9p/WopiE5B0A2fDkIqaS7ojH6yukt1+UpPiYqGTeH
         YODVEx2DttTJipAMGTtXfwSEsgkE7baalf47yuvcTDevY/6oiY7YYlE02SAa9ANBHPnr
         PbfQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id e12-20020a056402190c00b004313f6ecd39si11627937edz.183.2022.06.07.03.03.35;
        Tue, 07 Jun 2022 03:04:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S238100AbiFGITf (ORCPT <rfc822;jx.jiangxin@gmail.com>
        + 99 others); Tue, 7 Jun 2022 04:19:35 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46318 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S238118AbiFGITe (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Tue, 7 Jun 2022 04:19:34 -0400
Received: from mail.linux-ng.de (srv.linux-ng.de [5.9.18.165])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 8F2E825C6D
        for <linux-nfs@vger.kernel.org>; Tue,  7 Jun 2022 01:19:32 -0700 (PDT)
Received: from rpi4.linux-ng.de (unknown [192.168.1.79])
        by mail.linux-ng.de (Postfix) with ESMTPS id 6839283DE6D0;
        Tue,  7 Jun 2022 10:19:31 +0200 (CEST)
Received: by rpi4.linux-ng.de (Postfix, from userid 1000)
        id 275C2BBEC0; Tue,  7 Jun 2022 10:19:31 +0200 (CEST)
From:   marcel@linux-ng.de
To:     linux-nfs@vger.kernel.org
Cc:     Marcel Ritter <marcel@linux-ng.de>
Subject: [PATCH 1/3] cifs-utils/svcgssd: Fix use-after-free bug (config variables)
Date:   Tue,  7 Jun 2022 10:19:07 +0200
Message-Id: <20220607081909.1216287-1-marcel@linux-ng.de>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
        SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

From: Marcel Ritter <marcel@linux-ng.de>

This patch fixes a bug when trying to set "principal" in /etc/nfs.conf.
Memory gets freed by conf_cleanup() before being used - moving cleanup
code resolves that.

---
 utils/gssd/svcgssd.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c
index 881207b3..a242b789 100644
--- a/utils/gssd/svcgssd.c
+++ b/utils/gssd/svcgssd.c
@@ -211,9 +211,6 @@ main(int argc, char *argv[])
 	rpc_verbosity = conf_get_num("svcgssd", "RPC-Verbosity", rpc_verbosity);
 	idmap_verbosity = conf_get_num("svcgssd", "IDMAP-Verbosity", idmap_verbosity);
 
-	/* We don't need the config anymore */
-	conf_cleanup();
-
 	while ((opt = getopt(argc, argv, "fivrnp:")) != -1) {
 		switch (opt) {
 			case 'f':
@@ -328,6 +325,9 @@ main(int argc, char *argv[])
 
 	daemon_ready();
 
+	/* We don't need the config anymore */
+	conf_cleanup();
+
 	nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
 
 	rc = event_base_dispatch(evbase);
-- 
2.34.1