From owner-svn-src-all@freebsd.org Wed Mar 15 18:15:32 2017 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3E326D0DFC7; Wed, 15 Mar 2017 18:15:32 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F22E1969; Wed, 15 Mar 2017 18:15:31 +0000 (UTC) (envelope-from ngie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v2FIFV9b079323; Wed, 15 Mar 2017 18:15:31 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v2FIFVnH079322; Wed, 15 Mar 2017 18:15:31 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201703151815.v2FIFVnH079322@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Ngie Cooper Date: Wed, 15 Mar 2017 18:15:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r315322 - head/usr.sbin/syslogd X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Mar 2017 18:15:32 -0000 Author: ngie Date: Wed Mar 15 18:15:30 2017 New Revision: 315322 URL: https://svnweb.freebsd.org/changeset/base/315322 Log: syslogd: fix memory leaks in main(..) and allowaddr(..) - main(..): free memory assigned to fdsr before calling die(..). - allowaddr(..): free memory assigned to ap before returning from the function early. Add a `err` goto label to reduce freeaddrinfo/free(ap) logic duplication. MFC after: 1 week X-MFC notes: some of this is dependent on refactoring not MFCed Reported by: clang static analyzer, Coverity CID: 1367750 (ap leakage in allowaddr(..)) Submitted by: Tom Rix Reviewed by: ngie Sponsored by: Dell EMC Isilon, Juniper Differential Revision: D10004 Modified: head/usr.sbin/syslogd/syslogd.c Modified: head/usr.sbin/syslogd/syslogd.c ============================================================================== --- head/usr.sbin/syslogd/syslogd.c Wed Mar 15 18:14:54 2017 (r315321) +++ head/usr.sbin/syslogd/syslogd.c Wed Mar 15 18:15:30 2017 (r315322) @@ -685,8 +685,10 @@ main(int argc, char *argv[]) reapchild(WantReapchild); if (MarkSet) markit(); - if (WantDie) + if (WantDie) { + free(fdsr); die(WantDie); + } bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * sizeof(fd_mask)); @@ -2438,7 +2440,7 @@ allowaddr(char *s) struct allowedpeer *ap; struct servent *se; int masklen = -1; - struct addrinfo hints, *res; + struct addrinfo hints, *res = NULL; #ifdef INET in_addr_t *addrp, *maskp; #endif @@ -2465,8 +2467,9 @@ allowaddr(char *s) ap->port = ntohs(se->s_port); } else { ap->port = strtol(cp1, &cp2, 0); + /* port not numeric */ if (*cp2 != '\0') - return (-1); /* port not numeric */ + goto err; } } else { if ((se = getservbyname("syslog", "udp"))) @@ -2480,7 +2483,7 @@ allowaddr(char *s) strspn(cp1 + 1, "0123456789") == strlen(cp1 + 1)) { *cp1 = '\0'; if ((masklen = atoi(cp1 + 1)) < 0) - return (-1); + goto err; } #ifdef INET6 if (*s == '[') { @@ -2526,8 +2529,7 @@ allowaddr(char *s) /* convert masklen to netmask */ *maskp = htonl(~((1 << (32 - masklen)) - 1)); } else { - freeaddrinfo(res); - return (-1); + goto err; } /* Lose any host bits in the network number. */ *addrp &= *maskp; @@ -2535,10 +2537,9 @@ allowaddr(char *s) #endif #ifdef INET6 case AF_INET6: - if (masklen > 128) { - freeaddrinfo(res); - return (-1); - } + if (masklen > 128) + goto err; + if (masklen < 0) masklen = 128; mask6p = (uint32_t *)&sstosin6(&ap->a_mask)->sin6_addr.s6_addr32[0]; @@ -2559,8 +2560,7 @@ allowaddr(char *s) break; #endif default: - freeaddrinfo(res); - return (-1); + goto err; } freeaddrinfo(res); } else { @@ -2596,7 +2596,13 @@ allowaddr(char *s) printf("port = %d\n", ap->port); } #endif + return (0); +err: + if (res != NULL) + freeaddrinfo(res); + free(ap); + return (-1); } /*