autofs-5.0.1 - clear rpc client on lookup fail From: Ian Kent <raven@themaw.net> If a name lookup failure occurs in create_tcp_client() or create_udp_client() the client is destoryed and the file descriptor is closed at exit but the rpc client isn't set to NULL. This leads to a subsequent SEGV when attempting to use the invalid client. --- lib/rpc_subs.c | 2 ++ 1 file changed, 2 insertions(+) --- autofs-5.0.1.orig/lib/rpc_subs.c +++ autofs-5.0.1/lib/rpc_subs.c @@ -89,6 +89,7 @@ static CLIENT *create_udp_client(struct int err = ghn_errno == -1 ? errno : ghn_errno; char *estr = strerror_r(err, buf, HOST_ENT_BUF_SIZE); logerr("hostname lookup failed: %s", estr); + info->client = NULL; goto out_close; } memcpy(&raddr.sin_addr.s_addr, php->h_addr, php->h_length); @@ -311,6 +312,7 @@ static CLIENT *create_tcp_client(struct int err = ghn_errno == -1 ? errno : ghn_errno; char *estr = strerror_r(err, buf, HOST_ENT_BUF_SIZE); logerr("hostname lookup failed: %s", estr); + info->client = NULL; goto out_close; } memcpy(&addr.sin_addr.s_addr, php->h_addr, php->h_length);