Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 6 Jun 2022 11:45:52 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 1d132ca5640f - stable/12 - pf syncookies: fix memory leak
Message-ID:  <202206061145.256BjqRh053944@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=1d132ca5640fbe3db13b3532d85b6fdb1cefa8d4

commit 1d132ca5640fbe3db13b3532d85b6fdb1cefa8d4
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-04-07 06:41:37 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-06-06 07:01:43 +0000

    pf syncookies: fix memory leak
    
    We forgot to free the nvlist (and packed nvlist) on success.
    While here start using the ERROUT macro to clean up error handling, and
    to add SDTs for better debugging.
    
    Reported by:    Coverity
    CID:            1473150
    
    (cherry picked from commit be461cdfb36e229040aafae07a2ba68f73091431)
---
 sys/netpfil/pf/pf_syncookies.c | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/sys/netpfil/pf/pf_syncookies.c b/sys/netpfil/pf/pf_syncookies.c
index 8fdc96e31e98..a3cc6650bbce 100644
--- a/sys/netpfil/pf/pf_syncookies.c
+++ b/sys/netpfil/pf/pf_syncookies.c
@@ -141,10 +141,13 @@ pf_get_syncookies(struct pfioc_nv *nv)
 {
 	nvlist_t	*nvl = NULL;
 	void		*nvlpacked = NULL;
+	int		 error;
+
+#define ERROUT(x)	ERROUT_FUNCTION(errout, x)
 
 	nvl = nvlist_create(0);
 	if (nvl == NULL)
-		return (ENOMEM);
+		ERROUT(ENOMEM);
 
 	nvlist_add_bool(nvl, "enabled",
 	    V_pf_status.syncookies_mode != PF_SYNCOOKIES_NEVER);
@@ -154,21 +157,23 @@ pf_get_syncookies(struct pfioc_nv *nv)
 	nvlist_add_number(nvl, "lowwater", V_pf_syncookie_status.lowat);
 
 	nvlpacked = nvlist_pack(nvl, &nv->len);
-	if (nvlpacked == NULL) {
-		nvlist_destroy(nvl);
-		return (ENOMEM);
-	}
+	if (nvlpacked == NULL)
+		ERROUT(ENOMEM);
+
 	if (nv->size == 0) {
-		nvlist_destroy(nvl);
-		free(nvlpacked, M_TEMP);
-		return (0);
+		ERROUT(0);
 	} else if (nv->size < nv->len) {
-		nvlist_destroy(nvl);
-		free(nvlpacked, M_TEMP);
-		return (ENOSPC);
+		ERROUT(ENOSPC);
 	}
 
-	return (copyout(nvlpacked, nv->data, nv->len));
+	error = copyout(nvlpacked, nv->data, nv->len);
+
+#undef ERROUT
+errout:
+	nvlist_destroy(nvl);
+	free(nvlpacked, M_TEMP);
+
+	return (error);
 }
 
 int

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202206061145.256BjqRh053944>