Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 7 Apr 2022 14:52:39 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: be461cdfb36e - main - pf syncookies: fix memory leak
Message-ID:  <202204071452.237EqdqE039448@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=be461cdfb36e229040aafae07a2ba68f73091431

commit be461cdfb36e229040aafae07a2ba68f73091431
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-04-07 06:41:37 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-04-07 12:51:52 +0000

    pf syncookies: fix memory leak
    
    We forgot to free the nvlist (and packed nvlist) on success.
    While here start using the ERROUT macro to clean up error handling, and
    to add SDTs for better debugging.
    
    Reported by:    Coverity
    CID:            1473150
---
 sys/netpfil/pf/pf_syncookies.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/sys/netpfil/pf/pf_syncookies.c b/sys/netpfil/pf/pf_syncookies.c
index 32b2bec6c3d6..5230502be30c 100644
--- a/sys/netpfil/pf/pf_syncookies.c
+++ b/sys/netpfil/pf/pf_syncookies.c
@@ -141,10 +141,13 @@ pf_get_syncookies(struct pfioc_nv *nv)
 {
 	nvlist_t	*nvl = NULL;
 	void		*nvlpacked = NULL;
+	int		 error;
+
+#define ERROUT(x)	ERROUT_FUNCTION(errout, x)
 
 	nvl = nvlist_create(0);
 	if (nvl == NULL)
-		return (ENOMEM);
+		ERROUT(ENOMEM);
 
 	nvlist_add_bool(nvl, "enabled",
 	    V_pf_status.syncookies_mode != PF_SYNCOOKIES_NEVER);
@@ -154,21 +157,23 @@ pf_get_syncookies(struct pfioc_nv *nv)
 	nvlist_add_number(nvl, "lowwater", V_pf_syncookie_status.lowat);
 
 	nvlpacked = nvlist_pack(nvl, &nv->len);
-	if (nvlpacked == NULL) {
-		nvlist_destroy(nvl);
-		return (ENOMEM);
-	}
+	if (nvlpacked == NULL)
+		ERROUT(ENOMEM);
+
 	if (nv->size == 0) {
-		nvlist_destroy(nvl);
-		free(nvlpacked, M_TEMP);
-		return (0);
+		ERROUT(0);
 	} else if (nv->size < nv->len) {
-		nvlist_destroy(nvl);
-		free(nvlpacked, M_TEMP);
-		return (ENOSPC);
+		ERROUT(ENOSPC);
 	}
 
-	return (copyout(nvlpacked, nv->data, nv->len));
+	error = copyout(nvlpacked, nv->data, nv->len);
+
+#undef ERROUT
+errout:
+	nvlist_destroy(nvl);
+	free(nvlpacked, M_TEMP);
+
+	return (error);
 }
 
 int

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204071452.237EqdqE039448>