From 870e4da2080ea08e50d55b42fd80c39616289867 Mon Sep 17 00:00:00 2001
From: Utz-Uwe Haus <uhaus@cray.com>
Date: Wed, 3 Mar 2021 15:38:59 +0100
Subject: [PATCH] Ensure string attribute values get duplicated for protobuf protobuf descends into char* members, so freeing messages will kill the allocated string, which typically still should live in some dictionary (entry), leading to double-free. We now duplicate them. All other attribute data types are either scalar or already handled properly.
---
 attributes/maestro-schema.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/attributes/maestro-schema.c b/attributes/maestro-schema.c
index acbf365b..d08fe67b 100644
--- a/attributes/maestro-schema.c
+++ b/attributes/maestro-schema.c
@@ -2710,7 +2710,18 @@ mstro_attribute_entry_to_mapentry(const struct mstro_attribute_entry_ *entry,
 case MSTRO_STP_STR:
 case MSTRO_STP_REGEX:
 res->val->val_case = MSTRO__POOL__AVAL__VAL_STRING;
- res->val->string = (char *)entry->val;
+ /* we need to duplicate strings, since the deallocation of
+ * protobuf messages descends into char* members, and so the
+ * entry in the dictionary where the entry is will be invalid
+ * when the message is deallocated (or vice versa) */
+ res->val->string = strdup((char *)entry->val);
+ if(res->val->string==NULL) {
+ ERR("Failed to allocat string value for KV entry\n");
+ free(res->val);
+ free(res);
+ s=MSTRO_NOMEM;
+ goto BAILOUT;
+ }
 break;
 case MSTRO_STP_BLOB:
 res->val->val_case = MSTRO__POOL__AVAL__VAL_BYTES;
-- 
GitLab
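Review bot: On the new strdup failure path, `free(res->val); free(res);` leaves `res` dangling when control reaches `goto BAILOUT`, and both that label and the rest of mstro_attribute_entry_to_mapentry lie outside this hunk. If anything after BAILOUT frees `res` again or hands it back to the caller, the error path reintroduces the double-free or use-after-free this commit is meant to remove; adding `res = NULL;` right after `free(res);` closes that off. It is also worth checking whether `res` owns other allocations made earlier in the function (a key string, for example), since this path releases only `res->val` and `res`. Separately, `strdup((char *)entry->val)` is undefined for a NULL argument, so a string or regex entry with no value should be rejected before the call unless an earlier check already guarantees it. Minor: the ERR text reads "allocat", and the cast could be `(const char *)` since the source string is only read.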