Prevent use-after-free in stream publisher RBN key

Initialize publisher's RBN key (p_ent.key) with its own copy of name (p_name) rather than externally managed memory. This prevents potential use-after-free when the external memory is freed while the publisher entry remains in the RBN tree. Fixes #1177
ovis-hpc · Oct 24, 2024 · 71bc6c6 · 71bc6c6
1 parent 45bb6b3
commit 71bc6c6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/ldms/src/ldmsd/ldmsd_stream.c b/ldms/src/ldmsd/ldmsd_stream.c
@@ -121,7 +121,7 @@ static struct ldmsd_stream_publisher_s *__new_publisher(const char *name)
 	p->p_name = strdup(name);
 	if (!p->p_name)
 		goto err;
-	rbn_init(&p->p_ent, (char*)name);
+	rbn_init(&p->p_ent, (char*)p->p_name);
 	return p;
 err:
 	__free_publisher(p);