diff options
| -rw-r--r-- | doc/NEWS | 3 | ||||
| -rw-r--r-- | src/xact.cc | 8 | ||||
| -rw-r--r-- | test/regress/1723.test | 5 |
3 files changed, 13 insertions, 3 deletions
@@ -45,6 +45,9 @@ - Fix parsing issue of effective dates (bug #1722, TALOS-2017-0303, CVE-2017-2807) +- Fix use-after-free issue with deferred postings (bug #1723, TALOS-2017-0304, + CVE-2017-2808) + - Python: Removed double quotes from Unicode values. - Python: Ensure that parse errors produce useful RuntimeErrors diff --git a/src/xact.cc b/src/xact.cc index 5df9ebc5..10a7106a 100644 --- a/src/xact.cc +++ b/src/xact.cc @@ -395,10 +395,12 @@ bool xact_base_t::finalize() some_null = true; } - if (post->has_flags(POST_DEFERRED)) - post->account->add_deferred_post(id(), post); - else + if (post->has_flags(POST_DEFERRED)) { + if (!post->amount.is_null()) + post->account->add_deferred_post(id(), post); + } else { post->account->add_post(post); + } post->xdata().add_flags(POST_EXT_VISITED); post->account->xdata().add_flags(ACCOUNT_EXT_VISITED); diff --git a/test/regress/1723.test b/test/regress/1723.test new file mode 100644 index 00000000..62a50386 --- /dev/null +++ b/test/regress/1723.test @@ -0,0 +1,5 @@ +2017/3/17 deferred posting + <deferred posting> + +test reg +end test |