# HG changeset patch
# User Rob Landley
# Date 1412875056 18000
# Node ID 7dacf2eda737f8e5cad04d6d4a093382f43ceb1c
# Parent 9d6ce6b0fa313d68503ef0bedcca0a3ce2d07472
Fix use-after-free spotted by Ashwini Sharma's static analysis. We xstrdup() an optargs string to avoid modifying our environment space (because it can change what "ps" shows to other processes), and then parse out colon delimited strings and save them in globals that can later be used in the -v codepath and so on. But those globals _aren't_ strdup (no point) which means we can't free the string while we're still using pointers into the middle of it. So move the free to the end. (I hardly ever test with CFG_TOYBOX_FREE switched on because even nommu doesn't need it.)
diff -r 9d6ce6b0fa31 -r 7dacf2eda737 toys/posix/chgrp.c
--- a/toys/posix/chgrp.c Wed Oct 08 13:59:16 2014 -0500
+++ b/toys/posix/chgrp.c Thu Oct 09 12:17:36 2014 -0500
@@ -90,7 +90,6 @@
 if (!p && isdigit(*own)) p=getpwuid(atoi(own));
 if (!p) error_exit("no user '%s'", own);
 TT.owner = p->pw_uid;
- if (CFG_TOYBOX_FREE) free(own);
 }
 } else TT.group_name = *toys.optargs;
@@ -107,4 +106,6 @@
 if (new) dirtree_handle_callback(new, do_chgrp);
 else toys.exitval = 1;
 }
+
+ if (CFG_TOYBOX_FREE && ischown) free(own);
 }
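Review bot: The relocated `free(own)` at the end of the second hunk has no comment saying why it must be the last statement, yet that ordering is the whole fix: per the commit message, globals keep pointers into the middle of the `own` buffer and are read later (the -v path). I would add above it `// Globals set while parsing point into own, so it must outlive every dirtree callback.` so that nobody moves the free back next to the parsing code. The `&& ischown` guard is also the only thing preventing a free of a never-assigned pointer on the chgrp path, assuming `own` is assigned only inside the chown branch. Its declaration is outside the hunk, so confirm that, or initialise it to 0 where it is declared; the function body starts before the hunk.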