From 371eb49043d225d2bab8149187b813a14b4b86d2 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Wed, 9 Nov 2022 21:09:16 +0100 Subject: Conf: Free stored old config before parsing new one BIRD keeps a previous (old) configuration for the purpose of undo. The existing code frees it after a new configuration is successfully parsed during reconfiguration. That causes memory usage spikes as there are temporarily three configurations (old, current, and new). The patch changes it to free the old one before parsing the new one (as user already requested a new config). The disadvantage is that undo is not available after failed reconfiguration. --- sysdep/unix/main.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sysdep/unix') diff --git a/sysdep/unix/main.c b/sysdep/unix/main.c index 84e7d889..18cc091f 100644 --- a/sysdep/unix/main.c +++ b/sysdep/unix/main.c @@ -242,6 +242,8 @@ async_config(void) { struct config *conf; + config_free_old(); + log(L_INFO "Reconfiguration requested by SIGHUP"); if (!unix_read_config(&conf, config_name)) { @@ -324,6 +326,8 @@ cmd_reconfig(const char *name, int type, uint timeout) if (cli_access_restricted()) return; + config_free_old(); + struct config *conf = cmd_read_config(name); if (!conf) return; -- cgit v1.2.3 From bbac9ca958c73fd08b4691ea40067d1cc3ac275a Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Wed, 9 Nov 2022 22:02:46 +0100 Subject: Conf: Make 'configure check' command restricted While it does not directly change BIRD state, it can trigger reading arbitrary files and eating significant memory. --- sysdep/unix/main.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sysdep/unix') diff --git a/sysdep/unix/main.c b/sysdep/unix/main.c index 18cc091f..18fd4e44 100644 --- a/sysdep/unix/main.c +++ b/sysdep/unix/main.c @@ -282,6 +282,9 @@ cmd_read_config(const char *name) void cmd_check_config(const char *name) { + if (cli_access_restricted()) + return; + struct config *conf = cmd_read_config(name); if (!conf) return; -- cgit v1.2.3