From ded0ea61faeabb548ec005a2d201c6c783fb4ea1 Mon Sep 17 00:00:00 2001
From: Christoph Kraemer
Date: Tue, 28 Sep 2021 12:05:31 +0200
Subject: [PATCH 1/2] use duplicate host function
---
 CHANGELOG.md | 1 +
 src/attack.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 34f0c7c9f..bb3a3f50e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -31,6 +31,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 - Use fchmod to change file permission instead of on open to prevent race conditions [860](https://github.com/greenbone/openvas-scanner/pull/860)
 - Fix plugins upload. Backport #878. [#879](https://github.com/greenbone/openvas/pull/879)
+- Fix Segmentation fault when freeing hosts and alive hosts [#888](https://github.com/greenbone/openvas/pull/888)
 ## [21.10] (unreleased)
diff --git a/src/attack.c b/src/attack.c
index c5eb32c75..7c53d86b6 100644
--- a/src/attack.c
+++ b/src/attack.c
@@ -1236,7 +1236,7 @@ attack_network (struct scan_globals *globals)
 if (host)
 {
- gvm_hosts_add (alive_hosts_list, host);
+ gvm_hosts_add (alive_hosts_list, gvm_duplicate_host (host));
 }
 else
 g_debug ("%s: got NULL host, stop/finish scan", __func__);
From d4dfe02cb0af5c8cc8495db443b5deb2b2ba598c Mon Sep 17 00:00:00 2001
From: Christoph Kraemer
Date: Wed, 29 Sep 2021 10:49:26 +0200
Subject: [PATCH 2/2] prevent memory leak
---
 src/attack.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/attack.c b/src/attack.c
index 7c53d86b6..649fa0559 100644
--- a/src/attack.c
+++ b/src/attack.c
@@ -1188,6 +1188,7 @@ attack_network (struct scan_globals *globals)
 if (test_alive_hosts_only)
 {
 struct in6_addr tmpaddr;
+ gvm_host_t *buf;
 while (1)
 {
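Review bot: The added `gvm_duplicate_host (host)` call in the `@@ -1236,7 +1236,7 @@` hunk of attack_network carries no comment saying why a copy is stored, although the ownership rule behind it is what the changelog entry's segmentation fault turned on. Judging from that entry, `hosts` and `alive_hosts_list` are each freed later, so an element found in `hosts` must not be shared between the two lists; this is inferred, since neither free is visible in the hunk. I would add above the call: `/* alive_hosts_list frees its own entries; store a copy so the element still owned by hosts is not freed twice. */`. The function starts and ends outside the hunk.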
@@ -1231,13 +1232,16 @@ attack_network (struct scan_globals *globals)
 break;
 }
- if (gvm_host_get_addr6 (host, &tmpaddr) == 0)
- host = gvm_host_find_in_hosts (host, &tmpaddr, hosts);
-
- if (host)
+ if (host && gvm_host_get_addr6 (host, &tmpaddr) == 0)
 {
- gvm_hosts_add (alive_hosts_list, gvm_duplicate_host (host));
+ buf = host;
+ host = gvm_host_find_in_hosts (host, &tmpaddr, hosts);
+ gvm_host_free (buf);
+ buf = NULL;
 }
+
+ if (host)
+ gvm_hosts_add (alive_hosts_list, gvm_duplicate_host (host));
 else
 g_debug ("%s: got NULL host, stop/finish scan", __func__);
 }
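Review bot: When `gvm_host_get_addr6` fails for a non-NULL `host`, the new `if` body is skipped, so the object `host` points at is never passed to `gvm_host_free`, while a copy of it is still added to `alive_hosts_list`. The success path frees that same object through `buf`, which suggests this code owns it; where `host` is obtained lies above the hunk, so the leak is inferred rather than shown. Remembering the incoming pointer unconditionally and releasing it once after the add covers both paths and makes the `buf = NULL;` store unnecessary. This assumes `host` is not used again later in the iteration, which the hunk does not show.

```c
              buf = host;
              if (host && gvm_host_get_addr6 (host, &tmpaddr) == 0)
                host = gvm_host_find_in_hosts (host, &tmpaddr, hosts);

              /* … unchanged: if (host) gvm_hosts_add (…) else g_debug (…) … */

              /* alive_hosts_list holds a copy; release the original host
                 object on every path. */
              if (buf)
                gvm_host_free (buf);
```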